Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) about, (2) again, (3) lastname, (4) email, (5) password, (6) album, (7) id, (8) table, (9) desc, (10) doc, (11) mname, (12) max, (13) htpl, (14) pheader, and possibly other parameters.
Max CVSS
4.3
EPSS Score
0.29%
Published
2006-08-31
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.
Max CVSS
4.3
EPSS Score
0.26%
Published
2006-08-31
Updated
2018-10-17
Incomplete blacklist vulnerability in the nk_CSS function in nuked.php in Nuked-Klan 1.7 SP4.3 allows remote attackers to bypass anti-XSS features and inject arbitrary web script or HTML via JavaScript in an attribute value that is not in the blacklist, as demonstrated using the STYLE attribute of a B element.
Max CVSS
4.3
EPSS Score
0.16%
Published
2006-08-31
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the subgroupname parameter.
Max CVSS
4.3
EPSS Score
0.99%
Published
2006-08-31
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search.
Max CVSS
6.8
EPSS Score
1.14%
Published
2006-08-31
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.96 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.29%
Published
2006-08-31
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Max CVSS
4.3
EPSS Score
0.89%
Published
2006-08-30
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in PmWiki before 2.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "table markups".
Max CVSS
4.3
EPSS Score
0.29%
Published
2006-08-30
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in attachment.php in MyBulletinBoard (MyBB) 1.1.7 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript, which is rendered by Internet Explorer.
Max CVSS
5.1
EPSS Score
4.68%
Published
2006-08-30
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to inject arbitrary web script or HTML via the cat_name parameter, related to adding a category. (categories field). NOTE: some details are obtained from third party information.
Max CVSS
6.8
EPSS Score
1.14%
Published
2006-08-29
Updated
2011-03-08
Cross-site scripting (XSS) vulnerability in template/default/thanks_comment.php in Yet Another PHP Image Gallery (YaPIG) 0.95b allows remote attackers to inject arbitrary web script or HTML via the D_REFRESH_URL parameter.
Max CVSS
4.3
EPSS Score
0.27%
Published
2006-08-29
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module.
Max CVSS
5.1
EPSS Score
0.52%
Published
2006-08-26
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in getad.php in Diesel Paid Mail allows remote attackers to inject arbitrary web script or HTML via the ps parameter.
Max CVSS
4.3
EPSS Score
0.99%
Published
2006-08-27
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in jobseekers/forgot.php in Diesel Job Site allow remote attackers to inject arbitrary web script or HTML via the (1) uname or (2) SEmail parameters.
Max CVSS
4.3
EPSS Score
0.59%
Published
2006-08-27
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal before file.module 1.37.2.4 (20060812) allows remote authenticated users with the "create products" permission to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
3.5
EPSS Score
0.18%
Published
2006-08-27
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in index.php in Diesel Pay allows remote attackers to inject arbitrary web script or HTML via the read parameter.
Max CVSS
4.3
EPSS Score
6.46%
Published
2006-08-27
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.6
EPSS Score
0.48%
Published
2006-08-27
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Max CVSS
6.8
EPSS Score
0.39%
Published
2006-08-24
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in CloudNine Interactive Links Manager 2006-06-12 allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, or (3) keywords parameters.
Max CVSS
6.8
EPSS Score
5.14%
Published
2006-08-24
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in gbook.php in Doika guestbook 2.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Max CVSS
6.8
EPSS Score
4.89%
Published
2006-08-24
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Max CVSS
6.8
EPSS Score
5.14%
Published
2006-08-24
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allows remote attackers to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript.
Max CVSS
6.8
EPSS Score
2.31%
Published
2006-08-24
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.
Max CVSS
4.3
EPSS Score
0.96%
Published
2006-08-23
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in TikiWiki 1.9.4 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.57%
Published
2006-08-23
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
Max CVSS
4.3
EPSS Score
0.25%
Published
2006-08-23
Updated
2008-09-05
67 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!