CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) sch_allsubct, (2) before, and (3) ct para...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in bbBoard 2.56 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly via the "keys" parameter...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.x allows remote attackers to inject arbitrary web script or HTML via the text parameter. NOTE: the provenance of this informatio...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the username in the login page.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords p...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Onlineshop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) product, (2) category, and (3) uid...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) kword, (2) max, (3) min, (4) comp, and (5)...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in EDCstore.pl in eDatCat 0.3 allows remote attackers to inject arbitrary web script or HTML via the user_action parameter.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in index.php in MarmaraWeb E-commerce allows remote attackers to inject arbitrary web script or HTML via the page parameter to index.php. NOTE: this might be r...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or t...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in StaticStore Search Engine 1.189A and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possib...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via parameters to the search module, possibly SKey to store.cgi...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML, possibly via the root parameter to zaygo.cgi.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root par...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in index.php in toendaCMS before 0.7 Beta allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVSS:5.0(Medium)
Unspecified vulnerability in Business Objects WebIntelligence 6.5x allows remote attackers to cause a denial of service (user account lock out) via unknown attack vectors related to "authentication me...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the (1) startrow and (2) catid parameter. NOTE: this issue ...
CVSS:4.3(Medium)
Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote attackers to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypas...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forum_title parameter. NOTE: the provenance of this...
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1.1.6.0 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded phrase parameter.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in getdox.php in Torrential 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL. NOTE: this might be resultant from CVE-2005-4160.
CVSS:4.3(Medium)
Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters.
CVSS:5.0(Medium)
Directory traversal vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to read arbitrary files via the language parameter.