25 matches found
CVE-2005-2689
Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via 1 the moderate parameter to the Comments module or 2 htmltext parameter to html/user.php...
CVE-2005-2689
Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via 1 the moderate parameter to the Comments module or 2 htmltext parameter to html/user.php...
CVE-2004-1655
Cross-site scripting XSS vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 CMpid parameter in the comments module or 2 the subject or message fields in the notes module...
CVE-2004-1949
SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via 1 the sif parameter to index.php in the Comments module or 2 timezoneoffset parameter to changeinfo.php in the YourAccount module...
CVE-2004-1655
Cross-site scripting XSS vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 CMpid parameter in the comments module or 2 the subject or message fields in the notes module...