CVE-2007-3761

Cross-site scripting XSS vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to inject arbitrary web script or HTML by causing Javascript events to be applied to a frame in another domain...

CVE-2007-3761

Cross-site scripting XSS vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to inject arbitrary web script or HTML by causing Javascript events to be applied to a frame in another domain...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the AkoBook 3.42 and earlier component comakobook for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript events in the 1 gbmail and 2 gbpage parameters in the sign function...

CVE-2007-4745

Multiple cross-site scripting XSS vulnerabilities in the AkoBook 3.42 and earlier component comakobook for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript events in the 1 gbmail and 2 gbpage parameters in the sign function...

CVE-2007-4745

AkoBook 3.42 and earlier (component com_akobook) for Mambo contain multiple cross-site scripting (XSS) vulnerabilities. The issue arises in the sign function, where attacker-controlled Javascript events in the parameters (gbmail and gbpage) can be injected to execute scripts in the victim’s brows...

CVE-2006-4577

Multiple cross-site scripting XSS vulnerabilities in The Address Book 1.04e allow remote attackers to inject arbitrary web script or HTML via Javascript events in the 1 email, 2 websites, and 3 groupAddName parameters in a save.php; the 4 errorMsg parameter in b index.php; and the 5 goTo and 6...

CVE-2006-4577

CVE-2006-4577 affects The Address Book 1.04e. It contains multiple cross-site scripting (XSS) vulnerabilities allowing an attacker to inject arbitrary scripts via: (1) email, (2) websites, (3) groupAddName in save.php; (4) errorMsg in index.php; (5) goTo and (6) search in search.php. CVSS v2 base...

CVE-2006-4577

Multiple cross-site scripting XSS vulnerabilities in The Address Book 1.04e allow remote attackers to inject arbitrary web script or HTML via Javascript events in the 1 email, 2 websites, and 3 groupAddName parameters in a save.php; the 4 errorMsg parameter in b index.php; and the 5 goTo and 6...

CVE-2006-4253

Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...

CVE-2006-3383

Cross-site scripting XSS vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover within a URL. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports...

CVE-2006-3383

Cross-site scripting XSS vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover within a URL. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports...

CVE-2006-2900

Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be...

CVE-2006-2894

Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text bo...

CVE-2006-2143

Multiple cross-site scripting XSS vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 color, 2 size, or 3 url bbcode tags...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 color, 2 size, or 3 url bbcode tags...

CVE-2006-2143

Multiple cross-site scripting XSS vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 color, 2 size, or 3 url bbcode tags...

CVE-2006-2143

CVE-2006-2143 describes multiple XSS vulnerabilities in TextFileBB 1.0.16. The issue allows remote attackers to inject arbitrary JavaScript/HTML via onmouseover-based events in the (1) color, (2) size, or (3) url bbcode tags. Affected software: TextFileBB 1.0.16. Root cause: lack of proper input ...

Cross site scripting

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

CVE-2006-0437

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

CVE-2005-4877

Cross-site scripting XSS vulnerability in the login form login.jsp of the admin console in Openfire formerly Wildfire 2.3.0 Beta 2 allows remote attackers to inject arbitrary web script or HTML via Javascript events in the username parameter, a different vulnerability than CVE-2005-4876...