CVE-2009-2370

Cross-site scripting XSS vulnerability in Advanced Forum 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2226

Cross-site scripting XSS vulnerability in Let's PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2437

Multiple cross-site scripting XSS vulnerabilities in index.php in Rentventory 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 username aka Login and 2 password parameters in a login action...

CVE-2009-2636

Cross-site scripting XSS vulnerability in the Integration page in the WebMail component in Kerio MailServer 6.6.0, 6.6.1, 6.6.2, and 6.7.0 allows remote attackers to inject arbitrary web script or HTML via an e-mail message...

CVE-2009-0805

Cross-site scripting XSS vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the eventid parameter in index.php...

CVE-2003-1293

Multiple cross-site scripting XSS vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the 1 Name, 2 Email and 3 Message fields when signing the guestbook...

CVE-2007-6460

Multiple cross-site scripting XSS vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by 1 log.php or 2 logerror.php, a different vulnerability than CVE-2007-6459...

CVE-2004-2568

Multiple cross-site scripting XSS vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 user id, 2 recipe id, 3 category id, and 4 other ID number fields...

CVE-2008-1075

Cross-site scripting XSS vulnerability in index.php in Maian Cart 1.1 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-0684

Cross-site scripting XSS vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter...

CVE-2002-2339

Cross-site scripting XSS vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in 1 image, 2 img, 3 image=right, 4 img=right, 5 image=left, and 6 img=left tags...

CVE-2002-2347

Cross-site scripting XSS vulnerability in Oracle Java Server Page OJSP demo files 1 hellouser.jsp, 2 welcomeuser.jsp and 3 usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field...

CVE-2006-5130

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 url, 3 title, and 4 about parameters in a forum post. NOTE: the provenance of this information is unknown; the detai...

CVE-2006-0463

Cross-site scripting XSS vulnerability in IdeoContent Manager allows remote attackers to inject arbitrary web script or HTML via the 1 gotoid parameter to index.php or 2 page parameter to newsfull.php...

CVE-2005-2207

Cross-site scripting XSS vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter...

CVE-2009-3260

Cross-site scripting XSS vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment...

CVE-2008-6835

Cross-site scripting XSS vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2170

Multiple cross-site scripting XSS vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2006-1034

Multiple cross-site scripting XSS vulnerabilities in Woltlab Burning Board wBB allow remote attackers to inject arbitrary web script or HTML via 1 the username parameter to galerieindex.php and possibly 2 galerieonfly.php. NOTE: the provenance of this information is unknown; the details are...

CVE-2005-3292

Multiple cross-site scripting XSS vulnerabilities in Xeobook 0.93 allow remote attackers to inject arbitrary web script or HTML via Javascript events in tages such as...