Security Vulnerabilities, CVEs, Published In August 2005 (XSS)

CVE-2005-2761

Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message.
Max CVSS
4.3
EPSS Score
0.18%
Published
2005-08-31
Updated
2008-09-05

CVE-2005-2737

Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Max CVSS
4.3
EPSS Score
0.83%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2736

Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Max CVSS
4.3
EPSS Score
0.83%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2735

Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Max CVSS
4.3
EPSS Score
0.41%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2734

Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Max CVSS
4.3
EPSS Score
0.49%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2724

Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer.
Max CVSS
4.3
EPSS Score
0.69%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2721

Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) admin.php in Foojan PHP Weblog allow remote attackers to inject arbitrary web script or HTML via the Referer field in the HTTP header.
Max CVSS
4.3
EPSS Score
0.32%
Published
2005-08-30
Updated
2017-07-11

CVE-2005-2698

Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded keywords parameter.
Max CVSS
4.3
EPSS Score
0.17%
Published
2005-08-26
Updated
2017-07-11

CVE-2005-2689

Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via (1) the moderate parameter to the Comments module or (2) htmltext parameter to html/user.php.
Max CVSS
2.6
EPSS Score
0.19%
Published
2005-08-24
Updated
2008-09-05

CVE-2005-2688

Multiple cross-site scripting (XSS) vulnerabilities in SaveWebPortal 3.4 allow remote attackers to inject arbitrary web script or HTML via a large number of parameters to (1) footer.php, (2) header.php, (3) menu_dx.php, or (4) menu_sx.php, or Javascript code in the (5) HTTP_REFERER (referer) or (6) HTTP_USER_AGENT (user agent) fields.
Max CVSS
4.3
EPSS Score
0.14%
Published
2005-08-24
Updated
2008-09-05

CVE-2005-2676

Cross-site scripting (XSS) vulnerability in displayimage.php in Coppermine Photo Gallery before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via EXIF data.
Max CVSS
4.3
EPSS Score
0.24%
Published
2005-08-23
Updated
2008-09-05

CVE-2005-2674

Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c or (2) m parameters to index.php or (3) w parameter to journal.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected.
Max CVSS
4.3
EPSS Score
0.33%
Published
2005-08-23
Updated
2024-04-11

CVE-2005-2653

Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote attackers to inject arbitrary web script or HTML via e-mail data in a message.
Max CVSS
4.3
EPSS Score
1.04%
Published
2005-08-23
Updated
2017-07-11

CVE-2005-2650

Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters.
Max CVSS
4.3
EPSS Score
0.62%
Published
2005-08-23
Updated
2008-09-05

CVE-2005-2649

Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
Max CVSS
4.3
EPSS Score
0.37%
Published
2005-08-23
Updated
2017-07-11

CVE-2005-2647

Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors.
Max CVSS
4.3
EPSS Score
0.32%
Published
2005-08-23
Updated
2008-09-05

CVE-2005-2638

Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) NewsMode parameter to NewsCategoryForm.php, or the (2) Match or (3) NewsMode parameter to SearchResults.php.
Max CVSS
4.3
EPSS Score
0.32%
Published
2005-08-23
Updated
2016-10-18

CVE-2005-2622

Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 6.0.2 allows remote attackers to inject arbitrary web script or HTML via the (1) max or (2) ctg parameter.
Max CVSS
4.3
EPSS Score
0.26%
Published
2005-08-19
Updated
2016-10-18

CVE-2005-2610

Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Max CVSS
4.3
EPSS Score
0.36%
Published
2005-08-17
Updated
2008-09-05

CVE-2005-2608

SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML.
Max CVSS
4.3
EPSS Score
0.17%
Published
2005-08-17
Updated
2008-09-05

CVE-2005-2603

Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters.
Max CVSS
4.3
EPSS Score
0.82%
Published
2005-08-17
Updated
2011-03-08

CVE-2005-2595

Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages.
Max CVSS
4.3
EPSS Score
0.26%
Published
2005-08-17
Updated
2008-09-05

CVE-2005-2590

Cross-site scripting (XSS) vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
0.68%
Published
2005-08-17
Updated
2017-07-11

CVE-2005-2588

Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp.
Max CVSS
4.3
EPSS Score
0.58%
Published
2005-08-17
Updated
2008-09-05

CVE-2005-2569

Multiple cross-site scripting (XSS) vulnerabilities in FunkBoard 0.66CF, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the fbusername or fbpassword parameter to (1) editpost.php, (2) prefs.php, (3) newtopic.php, (4) reply.php, or (5) profile.php, the (6) fbusername, (7) fmail, (8) www, (9) icq, (10) yim, (11) location, (12) sex, (13) interebbies, (14) sig or (15) aim parameter to register.php, or (16) subject parameter to newtopic.php.
Max CVSS
4.3
EPSS Score
0.28%
Published
2005-08-16
Updated
2016-10-18
43 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close