) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): xss
- Search Type: Search All
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2005-0802 |
Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 through 1.1b allows remote attackers to execute arbitrary web script or HTML via the search parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0818 |
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0829 |
Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0832 |
Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0842 |
Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0846 |
Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0857 |
Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum 0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the img parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0863 |
Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows remote attackers to inject arbitrary web script or HTML via (1) the chatter parameter to regulars.php or (2) the chatter, chatter1, chatter2, chatter3, or chatter4 parameters to register.php. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0870 |
Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php, (2) text[language], (3) text[template], or (4) hide_picklist parameter to system_footer.php. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0872 |
Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in the Topic Calendar 1.0.1 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the start parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0873 |
Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0885 |
Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Mood or (2) "Send To" fields. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0886 |
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0888 |
Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) class or (2) method name. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0896 |
Multiple cross-site scripting (XSS) vulnerabilities in review.php in phpMyDirectory 10.1.3-rel allow remote attackers to inject arbitrary web script or HTML via the (1) subcat, (2) page, or (3) subsubcat parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0901 |
Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks 0.6 for PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via the (1) catname, (2) markname, (3) comment, or (4) category parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0910 |
Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0925 |
Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0928 |
Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) password, (3) ppuser, (4) sort, or (5) si parameters to showgallery.php, the (6) ppuser, (7) sort, or (8) si parameters to showmembers.php, or (9) the photo parameter to slideshow.php. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2005-0930 |
Cross-site scripting (XSS) vulnerability in message.php in Chatness 2.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the user field or (2) the message parameter to message.php. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |