9787 matches found
CVE-2005-1072
Cross-site scripting XSS vulnerability in PunBB before 1.2.5 allows remote attackers to inject arbitrary web script or HTML...
CVE-2005-1077
Multiple cross-site scripting XSS vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via 1 cds.php, 2 Guestbook-EN.pl, or 3 phonebook.php...
CVE-2005-1010
Cross-site scripting XSS vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username...
CVE-2005-0992
Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...
CVE-2005-1006
Multiple cross-site scripting XSS vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the URL or 2 the user login name, which is not filtered when the administrator views the log file...
CVE-2005-0981
Multiple cross-site scripting XSS vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 payment or 2 send parameter...
CVE-2005-0945
Cross-site scripting XSS vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in 1 img, 2 link, or 3 mail tags...
CVE-2005-0924
Cross-site scripting XSS vulnerability in Adventia E-Data 2.0 allows remote attackers to inject arbitrary web script or HTML via a query keyword...
CVE-2005-0914
Multiple cross-site scripting XSS vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the profile parameter to index.php or 2 the cat parameter...
CVE-2005-0936
Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2005-0873
Multiple cross-site scripting XSS vulnerabilities in test.jsp in Oracle Reports Server 10g 9.0.4.3.3 allow remote attackers to inject arbitrary web script or HTML via the 1 desname or 2 repprod parameter...
CVE-2005-0883
Multiple cross-site scripting XSS vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the mt parameter to the membres.php page or 2 the -afs-1- query string to the msg.php page...
CVE-2005-0785
Cross-site scripting XSS vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter...
CVE-2001-1416
Multiple cross-site scripting XSS vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger AIM 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the 1 DATA, 2 STYLE, or 3 BINARY tags...
CVE-2005-0723
Cross-site scripting XSS vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demonstrated using pafiledb.php...
CVE-2005-0682
Cross-site scripting XSS vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs...
CVE-2004-1055
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PmaAbsoluteUri parameter, 2 the zerorows parameter in readdump.php, 3 the confirm form, or 4 an error message generated by the internal...
CVE-2004-1645
Cross-site scripting XSS vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the 1 username parameter to test.x, 2 username parameter to TestServer.x, or 3 param parameter to testgetrequest.x...
CVE-2004-1537
PHP-Kit 1.6.03–1.6.1 contains an XSS flaw in popup.php via the img parameter, enabling remote script execution. Multiple connected advisories corroborate XSS within PHP-Kit
CVE-2005-0085
Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...