4 matches found
CVE-2006-1968
CVE-2006-1968 describes a cross-site scripting (XSS) vulnerability in KCScripts News Publisher (Portal Pack 6.0 and earlier) affecting the news/NsVisitor.cgi component. The issue arises from the sort_order parameter, allowing remote attackers to inject arbitrary web script or HTML. Public sources...
CVE-2006-1970
CVE-2006-1970 denotes a cross-site scripting (XSS) vulnerability in the classifieds/viewcat.cgi component of KCScripts Classifieds, distributed standalone and as part of Portal Pack 6.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter....
CVE-2006-1967
CVE-2006-1967 describes a Cross-site scripting (XSS) vulnerability in the calendar/Visitor.cgi component of KCScripts Calendar (distributed standalone and as part of Portal Pack 6.0 and earlier). The vulnerability allows remote attackers to inject arbitrary web script or HTML via the sort_order p...
CVE-2006-1969
CVE-2006-1969 corresponds to a cross-site scripting (XSS) vulnerability in the search/search.cgi component of an unspecified KCScripts script (likely Search Engine or Site Search), distributed with Portal Pack 6.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HT...