Cross site scripting

Cross-site scripting XSS vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the top-level URI...

CVE-2008-0146

Cross-site scripting XSS vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the top-level URI...

Cross site scripting

Cross-site scripting XSS vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote attackers to inject arbitrary web script or HTML via the top-level URI on the Incoming interface port 8001/tcp, which is not properly handled in the administrator interface when viewing the log file...

CVE-2007-1149

Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. dot dot in 1 the step parameter to install/index.php or 2 the load parameter to the top-level URI...

Directory traversal

Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. dot dot in the 1 act or 2 pid parameter to the top-level URI index.php, or the 3 action parameter to admin/index.php. NOTE: some of these details are obtained from third part...

CVE-2007-0921

Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI...

Cross site scripting

Cross-site scripting XSS vulnerability in Quick Digital Image Gallery Qdig 1.2.9.3 and devel-20060624 allows remote attackers to inject arbitrary web script or HTML via the Qwd parameter to the top-level URI...

DEBIAN-CVE-2007-0341

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than...