CVE-2004-1055

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PmaAbsoluteUri parameter, 2 the zerorows parameter in readdump.php, 3 the confirm form, or 4 an error message generated by the internal...

CVE-2004-1700

Cross-site scripting XSS vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message...

CVE-2004-0787

Cross-site scripting XSS vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields...

CVE-2004-1648

Cross-site scripting XSS vulnerability in 1 index.asp, 2 ChangePassword.asp, 3 userslist.asp, 4 and usersadd.asp in Password Protect allows remote attackers to inject arbitrary web script or HTML via the ShowMsg parameter...

CVE-2004-0725

Cross-site scripting XSS vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter...

CVE-2004-0730

Multiple cross-site scripting XSS vulnerabilities in PhpBB 2.0.8 allow remote attackers to inject arbitrary web script or HTML via 1 the cattitle parameter in index.php, 2 the faq00 parameter in langfaq.php as accessible from faq.php, or 3 the faq00 parameter in langbbcode.php as accessible from...

CVE-2004-0591

CVE-2004-0591 describes a cross-site scripting (XSS) vulnerability in SqWebMail’s print_header_uc function affecting SqWebMail 4.0.4 and earlier (possibly 3.x). An attacker can inject arbitrary script via (1) email headers or (2) a message with a “message/delivery-status” MIME type, executing in ...

CVE-2004-2040

Multiple cross-site scripting XSS vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the 1 LAN407 parameter to clockmenu.php, 2 "email article to a friend" field, 3 "submit news" field, or 4 avmsg parameter to usersettings.php...

CVE-2004-2030

Multiple cross-site scripting XSS vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the message subject...

CVE-2004-1954

Cross-site scripting XSS vulnerability in modules.php in phProfession 2.5 allows remote attackers to inject arbitrary web script or HTML via the jcode parameter...

CVE-2004-1930

Cross-site scripting XSS vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie...

CVE-2004-1924

Multiple cross-site scripting XSS vulnerabilities in Tiki CMS/Groupware TikiWiki 1.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via via the 1 theme parameter to tiki-switchtheme.php, 2 find and priority parameters to messu-mailbox.php, 3 flag, priority, flagval,...

CVE-2004-1874

Multiple cross-site scripting XSS vulnerabilities in 1 deliver.asp and 2 billing.asp in A-CART Pro and A-CART 2.0 allow remote attackers to inject arbitrary web script or HTML via the user information forms...

CVE-2004-1849

Multiple cross-site scripting XSS vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 email parameter to dodelautores.html or 2 handle parameter to addhandle.html...

CVE-2004-2085

Multiple cross-site scripting XSS vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including 1 the sid parameter to comments.php, 2 the cid, cf, or rfd parameters to category.php, or the cid paramet...

CVE-2004-0034

Multiple cross-site scripting XSS vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via 1 the phorumcheckxss function in common.php, 2 the EditError variable in profile.php, and 3 the Error variable in login.php...

CVE-2004-0046

Cross-site scripting XSS vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' double quote character...

CVE-2004-0046

The CVE-2004-0046 entry describes an XSS vulnerability in SnapStream PVS LITE. The issue allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' character. Affected component: SnapStream PVS LITE web interface; root cause: improper handling of...

CVE-2003-1467

Multiple cross-site scripting XSS vulnerabilities in 1 login.php, 2 register.php, 3 post.php, and 4 common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

CVE-2003-1549

Cross-site scripting XSS vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the makw parameter...