CVE-2005-3285

Cross-site scripting XSS vulnerability in comersusbackofficesearchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the 1 forwardTo1, 2 forwardTo2, 3 nameFT1, or 4 nameFT2 parameters...

CVE-2009-3367

Multiple cross-site scripting XSS vulnerabilities in An image gallery 1.0 allow remote attackers to inject arbitrary web script or HTML via the path parameter to 1 index.php and 2 main.php, and the 3 show parameter to main.php. NOTE: the provenance of this information is unknown; the details are...

CVE-2005-3165

Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via 1 tags or 2 Extension or sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet...

CVE-2005-3078

Cross-site scripting XSS vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature...

CVE-2006-5321

Multiple cross-site scripting XSS vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2007-5142

Cross-site scripting XSS vulnerability in buscar.asp in Solidweb Novus 1.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-4941

Multiple cross-site scripting XSS vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via 1 the choose parameter in files/index.php and 2 the sub parameter in doc/index.php...

CVE-2006-4711

Multiple cross-site scripting XSS vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite...

CVE-2009-3120

Cross-site scripting XSS vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: some of these details are obtained from third party information...

CVE-2005-4858

Multiple cross-site scripting XSS vulnerabilities in mimic2.cgi in mimicboard2 Mimic2 086 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters associated with the 1 name, 2 title, and 3 comment sections, as demonstrated by referencing a remote...

CVE-2005-2138

Cross-site scripting XSS vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message...

CVE-2005-2021

Cross-site scripting XSS vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page...

CVE-2009-3057

Multiple cross-site scripting XSS vulnerabilities in AOM Software Beex 3 allow remote attackers to inject arbitrary web script or HTML via the navaction parameter to 1 news.php and 2 partneralle.php...

CVE-2002-2359

Cross-site scripting XSS vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL...

CVE-2008-1174

Cross-site scripting XSS vulnerability in editUser.asp in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter...

CVE-2002-2321

Cross-site scripting XSS vulnerability in 1 showcat.php and 2 addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter...

CVE-2008-1175

Cross-site scripting XSS vulnerability in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter to aspAdmin/deleteUser.asp, a different vector than CVE-2008-1174. NOTE: the provenance of this information is unknown; the details are obtaine...

CVE-2002-2062

Cross-site scripting XSS vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP...

CVE-2002-1995

Cross-site scripting XSS vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter...

CVE-2002-1931

Cross-site scripting XSS vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string...