CVE-2004-2484

Cross-site scripting XSS vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to 1 event.php or 2 index.php...

CVE-2004-2667

Cross-site scripting XSS vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

CVE-2004-1738

Cross-site scripting XSS vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter...

CVE-2004-2102

Cross-site scripting XSS vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote attackers to inject arbitrary web script or HTML via the test parameter...

CVE-2004-1062

Multiple cross-site scripting XSS vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages...

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

CVE-2004-1059

Multiple cross-site scripting XSS vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the 1 next and 2 prev result search pages, and the 3 extended and 4 simple search forms...

CVE-2004-2017

Multiple cross-site scripting XSS vulnerabilities in Turbo Traffic Trader C TTT-C 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via 1 the link parameter to ttt-out, 2 the X-Forwarded-For header in a GET request to ttt-in, 3 the Referer header in a GET request ...

CVE-2004-2177

Cross-site scripting XSS vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2004-2651

Multiple cross-site scripting XSS vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the 1 urlmaskfilter parameter to index.html or the 2 page parameter to Wiki.html...

CVE-2004-1412

Cross-site scripting XSS vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter...

CVE-2004-2267

Cross-site scripting XSS vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name...

CVE-2004-2241

Cross-site scripting XSS vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendor's patch...

CVE-2004-2059

Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 SearchFor parameter in TABLE-NAMEsearch.asp, 2 SQL parameter in TABLE-NAMEedit.asp, 3 SearchFor parameter in TABLElist.asp, or 4 SQL parameter in export.asp...

CVE-2004-2494

Cross-site scripting XSS vulnerability in error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter...

CVE-2004-2585

Cross-site scripting XSS vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the "check spelling" feature in the compose area...

CVE-2004-1384

Multiple cross-site scripting XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 kp3, 2 type, 3 msg, 4 forumid, 5 pos, 6 catsapp, 7 catid, 8 msgballmsgnum, 9 fldballacctnum parameters to index.php or 10 ticketid to...

CVE-2004-2444

Cross-site scripting XSS vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter...

CVE-2004-1410

Cross-site scripting XSS vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229...

CVE-2004-1213

The CVE-2004-1213 entry concerns an XSS vulnerability in the index.php of Advanced Guestbook versions 2.3.1, 2.2, and potentially other releases. The issue allows remote attackers to inject arbitrary web scripts or HTML via the entry parameter. The description provided with the CVE states the vul...