PostNuke Phoenix 0.726 openwindow.php hlpfile Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/10191/info Multiple vulnerabilities were reported to exist in PostNuke Phoenix. The following specific vulnerabilities were reported: - Multiple path disclosure vulnerabilities that occur when a user directly requests...

Unfixed XSS vulnerability at www.albasoul.com

Security researcher flux, has submitted on 25/03/2008 a cross-site-scripting XSS vulnerability affecting www.albasoul.com, which at the time of submission ranked 65940 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/03/2008. It is currently...

CVE-2005-2886

Multiple cross-site scripting XSS vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via 1 the print parameter to the print module, the sitename parameter to 2 bbsmilies or 3 bbcoderef module, or 4 the hlpfile...

CVE-2004-1957

Multiple XSS vulnerabilities affect PostNuke 0.726. Affected vectors include (1) lid and a query parameter to the Downloads module, (2) a query parameter to the Web_links module, and (3) the hlpfile parameter to openwindow.php, enabling remote attackers to inject arbitrary web script or HTML. The...

CVE-2004-1957

Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the 1 lid and query parameters to the Downloads module, 2 query parameter to the Weblinks module, or 3 hlpfile parameter to openwindow.php...