CVE-2005-0982

Multiple cross-site scripting XSS vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 location, or 3 Subject field...

CVE-2005-0982

CVE-2005-0982 affects Yet Another Forum.net 0.9.9 and involves multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script or HTML via the (1) name, (2) location, or (3) Subject field. The NVD entry lists a base score of 4.3 (Medium) with Network att...

CVE-2005-0952

CVE-2005-0952 describes a cross-site scripting vulnerability in the PaFileDB 3.1 web application, specifically in pafiledb.php where the attacker can inject arbitrary script via the id parameter. The vulnerability is documented across multiple sources (NVD/Nessus/NVD CVE record). Exploitation cou...

CVE-2005-0961

Cross-site scripting XSS vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title...

CVE-2005-0919

Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting XSS attacks...

CVE-2005-0908

Multiple cross-site scripting XSS vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter to index.php or 2 the searchTopCategoryID parameter to searchresult.php...

CVE-2005-0919

Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting XSS attacks...

CVE-2005-0908

CVE-2005-0908 : Affected product is Valdersoft Shopping Cart 3.0. The description documents multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via two parameters: (1) lang in index.php and (2) searchTopCategoryID in search_result...

CVE-2002-1640

Multiple cross-site scripting XSS vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via 1 Text Features in the DHTML UI or 2 the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...

CVE-2005-0908

Multiple cross-site scripting XSS vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter to index.php or 2 the searchTopCategoryID parameter to searchresult.php...

CVE-2005-0883

Multiple cross-site scripting XSS vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the mt parameter to the membres.php page or 2 the -afs-1- query string to the msg.php page...

CVE-2005-0885

XMB Forum 1.9.1 is affected by multiple XSS vulnerabilities (via the Mood and “Send To” fields). Exploitation could allow remote script injection in the context of the affected forum pages. The CVE-2005-0885 entry is corroborated by multiple sources (NVD/NIST and CVE list). The provided documents...

CVE-2005-0888

Multiple cross-site scripting XSS vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the 1 class or 2 method name...

CVE-2005-0842

CVE-2005-0842 involves a cross-site scripting (XSS) vulnerability in Kayako eSupport version 2.3. The flaw occurs in index.php via the parameters _i and _c, allowing remote attackers to inject arbitrary web script or HTML in a victim’s browser. The public description does not specify a fix or aff...

CVE-2005-0846

CVE-2005-0846 affects NetWin SurgeMail 2.2g3 and describes multiple XSS vulnerabilities in the email auto-reply message, exploitable via the (1) message subject or (2) message header field to inject arbitrary web script/HTML. Exploitation details are not provided beyond this, but a remediation is...

CVE-2005-0857

CVE-2005-0857 describes a cross-site scripting (XSS) vulnerability in CoolForum 0.8 and earlier, where an attacker can inject arbitrary web script or HTML through the img parameter in avatar.php. The connected documents corroborate this XSS claim, with NVD listing the CVE and Tenable/Nessus plugi...

CVE-2005-0784

Multiple cross-site scripting XSS vulnerabilities in Phorum before 5.0.15 allow remote attackers to inject arbitrary web script or HTML via 1 the subject line to follow.php or 2 the subject line in the user's personal control panel...

CVE-2005-0818

CVE-2005-0818 affects PunBB 1.2.3. The vulnerability is a Cross-site Scripting (XSS) flaw where an attacker can inject arbitrary web script or HTML via the email or Jabber parameters in profile-related input. The connected sources confirm PunBB 1.2.3 as the affected software and specify the vulne...

CVE-2005-0509

Multiple cross-site scripting XSS vulnerabilities in the Mono 1.0.5 implementation of ASP.NET .Net allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including "" and ""...

CVE-2003-1100

Multiple cross-site scripting XSS vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors...