CVE-2006-2188

Multiple cross-site scripting XSS vulnerabilities in CMScout 1.10 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the Body field of a private message PM, 2 BBCode, or 3 a forum post...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in CMScout 1.10 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the Body field of a private message PM, 2 BBCode, or 3 a forum post...

CVE-2006-2188

Multiple cross-site scripting XSS vulnerabilities in CMScout 1.10 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the Body field of a private message PM, 2 BBCode, or 3 a forum post...

TyroCms beta V1.0 multiple XSS injections

TyroCms beta V1.0 multiple XSS injections Discovered by: Nomenumbra Date: 5/2/2006 impact:moderate privilege escalation,possible defacement TyroCMS is a PHP & MySql powered content management systemcms. Inludes built-in forums, powerful admin control panel, secure user system, and much more. Easi...

Cmscout <= V1.10 multiple XSS attack vectors

Cmscout = V1.10 multiple XSS attack vectors Discovered by: Nomenumbra Date: 5/2/2006 impact:moderate privilege escalation,possible defacement CMScout is a CMS Content management system for scouting related groups from around the world. A CMS is a piece of web software that makes it easy for you t...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 color, 2 size, or 3 url bbcode tags...

CVE-2006-2143

Multiple cross-site scripting XSS vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 color, 2 size, or 3 url bbcode tags...

CVE-2006-2143

CVE-2006-2143 describes multiple XSS vulnerabilities in TextFileBB 1.0.16. The issue allows remote attackers to inject arbitrary JavaScript/HTML via onmouseover-based events in the (1) color, (2) size, or (3) url bbcode tags. Affected software: TextFileBB 1.0.16. Root cause: lack of proper input ...

Cross site scripting

Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. NOTE: the email vector is already covered by CVE-2006-1625, although it might stem from the...

Cross site scripting

Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode email tag, as demonstrated using the onmousemove event...

CVE-2006-1625

Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode email tag, as demonstrated using the onmousemove event...

CVE-2006-1264

Cross-site scripting XSS vulnerability in xhawk.net discussion 2.0 beta2 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag...

Cross site scripting

Cross-site scripting XSS vulnerability in xhawk.net discussion 2.0 beta2 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag...

CVE-2006-1264

Cross-site scripting XSS vulnerability in xhawk.net discussion 2.0 beta2 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag...

CVE-2006-1264

CVE-2006-1264 affects xhawk.net discussion 2.0 beta2. The issue is a Cross-site scripting (XSS) vulnerability where a Javascript URI in a BBCode img tag can be exploited to inject arbitrary script/HTML. The core problem is user-supplied content within a BBCode image tag not properly sanitized, en...

[eVuln] discussion - xhawk.net BBCode 'img' XSS & SQL Injection Vulnerabilities

New eVuln Advisory: discussion - xhawk.net BBCode 'img' XSS & SQL Injection Vulnerabilities http://evuln.com/vulns/92/summary.html --------------------Summary---------------- eVuln ID: EV0092 Vendor: xhawk.net Vendor's Web Site: http://xhawk.net Software: discussion Sowtware's Web Site:...

[SA19215] Jupiter Content Manager "image" BBcode Script Insertion

TITLE: Jupiter Content Manager "image" BBcode Script Insertion SECUNIA ADVISORY ID: SA19215 VERIFY ADVISORY: http://secunia.com/advisories/19215/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Jupiter Content Manager 1.x http://secunia.com/product/8685/...

CVE-2006-1223

Cross-site scripting XSS vulnerability in Jupiter Content Manager 1.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag...

Cross site scripting

Cross-site scripting XSS vulnerability in Jupiter Content Manager 1.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag...

CVE-2006-1223

CVE-2006-1223 affects Jupiter Content Manager 1.1.5 and earlier. The vulnerability is a cross-site scripting (XSS) flaw that lets remote attackers inject arbitrary script or HTML via a Javascript URI in the image BBcode tag. Impact is client-side script execution; no further exploit details or pa...