CVE-2005-0378

Multiple cross-site scripting XSS vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 group parameter to prefs.php or 2 url parameter to index.php...

CVE-2004-1418

CVE-2004-1418 affects WPKontakt 3.0.1 and earlier. The vulnerability is a cross-site scripting (XSS) flaw where an e-mail address is not quoted during a parsing error, allowing an attacker to inject arbitrary web script or HTML. Documented impact indicates partial integrity compromise with no con...

CVE-2004-1397

CVE-2004-1397 affects UseModWiki 1.0 and is caused by a vulnerability in the CGI script wiki.pl that allows remote attackers to execute arbitrary script/HTML via an argument. The impact noted in sources is partial integrity loss with no confidentiality or availability impact per the CVSS vector, ...

CVE-2004-1397

Cross-site scripting XSS vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl...

CVE-2004-1424

Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2005-0264

Multiple cross-site scripting XSS vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 expand or 2 order parameter...

CVE-2005-0307

Multiple cross-site scripting XSS vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 s, 2 l, 3 a, 4 t, 5 to, or 6 re parameters...

CVE-2005-0314

Cross-site scripting XSS vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields...

CVE-2005-0307

MercuryBoard 1.1.1 is affected by CVE-2005-0307 due to multiple XSS in index.php, allowing remote injection of arbitrary script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters. The vulnerability is documented in CVE records and corroborated by OpenVAS noting multiple vuln...

CVE-2005-0309

Multiple cross-site scripting XSS vulnerabilities in 1 index.php or 2 mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter...

CVE-2005-0219

CVE-2005-0219 : The connected sources describe multiple XSS vulnerabilities in Gallery 1.3.4-pl1, allowing remote attackers to inject arbitrary script/HTML via fields in add_comment.php (index), slideshow_low.php (set_albumName, slide_index, slide_full, slide_loop, slide_pause, slide_dir), and se...

CVE-2005-0219

Multiple cross-site scripting XSS vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to inject arbitrary web script or HTML via 1 the index field in addcomment.php, 2 setalbumName, 3 slideindex, 4 slidefull, 5 slideloop, 6 slidepause, 7 slidedir fields in slideshowlow.php, or 8 username...

CVE-2004-1384

Multiple cross-site scripting XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 kp3, 2 type, 3 msg, 4 forumid, 5 pos, 6 catsapp, 7 catid, 8 msgballmsgnum, 9 fldballacctnum parameters to index.php or 10 ticketid to...

CVE-2004-1384

CVE-2004-1384 refers to multiple XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier, exploitable via parameters to index.php or ticket_id to viewticket_details.php. Related CVEs include CVE-2004-1383 (SQL injection) and CVE-2004-1385 (information disclosure). Public sources consistently d...

CVE-2005-0320

Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to login.html, 2 accountid parameter to accountsettingsadd.html, or the 3 note, 4 title, and 5 location...

CVE-2005-0381

Cross-site scripting XSS vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter...

CVE-2004-1202

Cross-site scripting XSS vulnerability in parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to inject arbitrary web script or HTML via the file parameter...

CVE-2005-0266

Cross-site scripting XSS vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the 1 returnmodule, 2 returnaction, 3 name, 4 module, or 5 record parameter...

CVE-2004-2568

Multiple cross-site scripting XSS vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 user id, 2 recipe id, 3 category id, and 4 other ID number fields...

CVE-2004-2293

Multiple cross-site scripting XSS vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the 1 eid parameter or 2 query parameter to the Encyclopedia module, 3 previewreview function in the Reviews module as demonstrated by the url, cover,...