Security Vulnerabilities, CVEs, Published In April 2005 (XSS)

CVE-2005-1317

Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
Max CVSS
6.8
EPSS Score
0.76%
Published
2005-04-25
Updated
2008-09-05

CVE-2005-1300

Cross-site scripting (XSS) vulnerability in the inserter.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.
Max CVSS
6.8
EPSS Score
0.43%
Published
2005-04-25
Updated
2016-10-18

CVE-2005-1297

Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.
Max CVSS
6.8
EPSS Score
0.43%
Published
2005-04-25
Updated
2016-10-18

CVE-2005-1285

Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter.
Max CVSS
6.8
EPSS Score
0.70%
Published
2005-04-22
Updated
2016-10-18

CVE-2005-1233

Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters.
Max CVSS
4.3
EPSS Score
0.83%
Published
2005-04-20
Updated
2017-07-11

CVE-2005-1227

Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatroom text submission form.
Max CVSS
5.1
EPSS Score
0.53%
Published
2005-04-20
Updated
2017-07-11

CVE-2005-1146

NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in the login command in calendar.pl in CalendarScript 3.21 allows remote attackers to inject arbitrary web script or HTML via the username parameter, a different vulnerability than CVE-2005-1145
Max CVSS
4.3
EPSS Score
0.24%
Published
2005-04-12
Updated
2024-04-11

CVE-2005-1145

NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in calendar.pl in CalendarScript 3.20 allows remote attackers to inject arbitrary web script or HTML via the template parameter, a different vulnerability than CVE-2005-1146
Max CVSS
4.3
EPSS Score
0.23%
Published
2005-04-12
Updated
2024-04-11

CVE-2005-1143

Cross-site scripting (XSS) vulnerability in index.php in EasyPHPCalendar before 6.2.8 allows remote attackers to inject arbitrary web script or HTML via the yr parameter.
Max CVSS
4.3
EPSS Score
0.26%
Published
2005-04-12
Updated
2008-09-05

CVE-2005-1140

Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the comments.
Max CVSS
4.3
EPSS Score
0.14%
Published
2005-04-15
Updated
2008-09-05

CVE-2005-1130

Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter.
Max CVSS
4.3
EPSS Score
1.02%
Published
2005-04-12
Updated
2017-07-11

CVE-2005-1118

Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.
Max CVSS
4.3
EPSS Score
0.60%
Published
2005-04-14
Updated
2017-07-11

CVE-2005-1077

Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
Max CVSS
4.3
EPSS Score
0.23%
Published
2005-04-12
Updated
2016-10-18

CVE-2005-1072

Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows remote attackers to inject arbitrary web script or HTML.
Max CVSS
4.3
EPSS Score
0.15%
Published
2005-04-08
Updated
2008-09-05

CVE-2005-0412

Cross-site scripting (XSS) vulnerability in Spidean PostWrap allows remote attackers to inject arbitrary HTML and web script via the page parameter.
Max CVSS
6.8
EPSS Score
0.92%
Published
2005-04-27
Updated
2017-07-11

CVE-2005-0085

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
Max CVSS
6.8
EPSS Score
2.33%
Published
2005-04-27
Updated
2017-10-11

CVE-2004-1341

Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 allows remote attackers to inject arbitrary web script or HTML via the arguments to info2www.
Max CVSS
4.3
EPSS Score
0.15%
Published
2005-04-19
Updated
2017-07-11
17 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close