CVE-2004-1807

Cross-site scripting XSS vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2004-1863

Multiple cross-site scripting XSS vulnerabilities in XMB aka extreme message board 1.9 beta aka Nexus beta allow remote attackers to inject arbitrary web script or HTML via 1 the u2uheader parameter in editprofile.php, the restrict parameter in 2 member.php, 3 misc.php, and 4 today.php, and 5 an...

CVE-2004-2015

Cross-site scripting XSS vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via 1 iframe, 2 img, or 3 object tags...

CVE-2004-2096

Cross-site scripting XSS vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL...

CVE-2004-2113

Cross-site scripting XSS vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2004-2128

Cross-site scripting XSS vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll...

CVE-2004-1424

Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2004-1467

Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...

CVE-2004-2188

Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2004-1506

Multiple cross-site scripting XSS vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via 1 viewentry.php, 2 viewd.php, 3 usersel.php, 4 datesel.php, 5 trailer.php, or 6 styles.php, as demonstrated using img srg tags...

CVE-2004-1746

Cross-site scripting XSS vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the 1 catselect or 2 show parameters...

CVE-2004-1790

Cross-site scripting XSS vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2004-1794

Cross-site scripting XSS vulnerability in the VCard4J Toolkit allows remote attackers to inject arbitrary web script or HTML via the NICKNAME tag in a vCard...

CVE-2004-1824

Cross-site scripting XSS vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to inject arbitrary web script or HTML via the what parameter to memberlist.php...

CVE-2004-2171

Cross-site scripting XSS vulnerability in Cherokee before 0.4.8 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting error page...

CVE-2004-2199

Cross-site scripting XSS vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text...

CVE-2004-1809

Cross-site scripting XSS vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 postdays parameter to viewtopic.php or 2 topicdays parameter to viewforum.php...

CVE-2004-1837

Cross-site scripting XSS vulnerability in Modsurvey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings...

CVE-2004-1911

Cross-site scripting XSS vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the 1 l parameter aka language variable to index.php or 2 id parameter to view.php...

CVE-2004-2564

Multiple cross-site scripting XSS vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via 1 the show parameter in show.asp and 2 the title parameter in showperf.asp...