CVE-2005-0549

Cross-site scripting XSS vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function...

CVE-2005-0656

CVE-2005-0656 affects auraCMS 1.5 with multiple XSS vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML through (1) hits.php via the hits parameter, (2) index.php via an unspecified query parameter, and (3) counter.php via the theCount parameter. The NVD entr...

CVE-2005-0660

CVE-2005-0660 affects D-Forum 1.11 with multiple cross-site scripting (XSS) vulnerabilities. The issue allows remote attackers to inject arbitrary script/HTML via certain fields, demonstrated using the page parameter in nav.php3. NVD notes network attack vector, medium complexity, no authenticati...

CVE-2005-0650

CVE-2005-0650 : Multiple cross-site scripting vulnerabilities in ProjectBB 0.4.5.1 allow remote injection of arbitrary script/HTML. Affected vectors include (1) the pages parameter to divers.php, (2) the search feature text area, (3) forum name, (4) site name, or (5) the maximum avatar size in th...

CVE-2004-1738

Cross-site scripting XSS vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter...

CVE-2004-1746

The CVE-2004-1746 entry describes a Cross-site scripting (XSS) vulnerability in PHP Code Snippet Library’s index.php, exploitable via the cat_select and show parameters. The underlying issue is inadequate input sanitization in index.php, allowing remote attackers to inject arbitrary JavaScript in...

CVE-2004-1730

CVE-2004-1730 is an XSS vulnerability in the Mantis bugtracker. The issue allows remote attackers to inject arbitrary script/HTML via four vectors: (1) the return parameter to login_page.php, (2) the e-mail field in signup.php, (3) the action parameter to login_select_proj_page.php, and (4) the h...

CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

CVE-2005-0514

Cross-site scripting XSS vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to inject arbitrary HTML and web script via search parameters...

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

CVE-2004-1659

Cross-site scripting XSS vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Administrator, Editor, Journalist or Commenter privileges to inject arbitrary web script or HTML via the mod parameter...

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

CVE-2005-0480

CVE-2005-0480 is a cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier. The issue arises from accepting a login request that is recorded in a log file but not properly sanitized when an administrator views the log, allowing remote attackers to inject arbitrary HTML or web scri...

CVE-2005-0477

The CVE-2005-0477 entry describes a Cross-site scripting (XSS) vulnerability in the SML code of Invision Power Board 1.3.1 FINAL. The issue can be triggered by crafted content in (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:u...

CVE-2005-0495

Cross-site scripting XSS vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the 1 sn1, 2 year, or 3 page parameter to zboard.php or 4 filename to viewimage.php...

CVE-2005-0434

Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...

CVE-2005-0434

Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...

CVE-2005-0412

CVE-2005-0412 is an XSS vulnerability in Spidean PostWrap that allows remote attackers to inject arbitrary HTML and web script via the page parameter. Public references confirm the issue exists, with CVSSv2 base score 6.8 (MEDIUM) and impact partial confidentiality, integrity, and availability. T...

CVE-2004-1441

Cross-site scripting XSS vulnerability in icq.cgi in Board Power 2.04PF allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2005-0374

CVE-2005-0374 affects BiTBOARD (2.5 and earlier). The issue is a cross-site scripting (XSS) vulnerability exploitable via an [img] bbcode image tag with an event (e.g., mouseover). Documented impact includes potential cookie theft and partial integrity impact on affected pages. Remediation shown ...