CVE-2005-3955

Multiple cross-site scripting XSS vulnerabilities in MagpieRSS 7.1, as used in a blogBuddiesv 0.3, b Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and 2 rssurl parameter to b magpieslashbox.php a...

CVE-2005-1697

The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simplesmarty.php, which reveals the path in an error message...