Cross site scripting

Cross-site scripting XSS vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the error parameter to include.php, possibly due to a problem in login/login.php...

CVE-2006-1507

Cross-site scripting XSS vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the error parameter to include.php, possibly due to a problem in login/login.php...

CVE-2004-1879

CVE-2004-1879 describes a cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03, allowing remote attackers to inject arbitrary web script or HTML through forum messages. The available documents do not specify the exact vector (stored vs reflected) or impact beyond the ability to execute scrip...

CVE-2003-1187

CVE-2003-1187 is a documented XSS vulnerability in PHPKIT, affecting versions 1.6.02 and 1.6.03. The issue resides in include.php where the contact_email parameter can be used by remote attackers to inject arbitrary script or HTML. The known impact is cross-site scripting, enabling credential-ste...

CVE-2004-1537

PHP-Kit 1.6.03–1.6.1 contains an XSS flaw in popup.php via the img parameter, enabling remote script execution. Multiple connected advisories corroborate XSS within PHP-Kit