Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. Date published : 2006-05-30 http://www.securityfocus.com/bid/18168 http://www.securityfocus.com/archive/1/435212/100/0/threaded
Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script. Date published : 2006-05-30 http://www.securityfocus.com/bid/18156 http://www.securityfocus.com/archive/1/435307/100/0/threaded
Cross-site scripting (XSS) vulnerability in index.php in Vacation Rental Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the obj parameter. Date published : 2006-05-30 http://www.securityfocus.com/bid/18134 http://www.securityfocus.com/archive/1/435167/100/0/threaded
SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers to execute arbitrary SQL commands via the max parameter. Date published : 2006-05-30 http://www.securityfocus.com/bid/18709 http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0683.html
Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d) product_details.php in the cosmicshop directory for CosmicShoppingCart allow remote attackers to inject arbitrary web script or HTML via multiple unspecified...
Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter. Date published : 2006-05-30 http://www.securityfocus.com/bid/18146 http://www.securityfocus.com/archive/1/435280/100/0/threaded
Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. Date published : 2006-05-30 http://www-1.ibm.com/support/search.wss?rs=0&q=IY85517&apar=only...
Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument that begins with a ‘"’ (double quote). Date published : 2006-05-30 http://www.securityfocus.com/bid/18129 http://marc.info/?l=full-disclosure&m=114882270912151&w=2
PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remote attackers to execute arbitrary code via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different executable and affected version than...
AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that...
Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter. Date published : 2006-05-30 http://www.securityfocus.com/archive/1/435113/100/0/threaded http://securityreason.com/securityalert/977
** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in Marco M. F. De Santis Php-residence 0.6 and earlier allows remote attackers to inject arbitrary...
** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in John Frank Asset Manager (AssetMan) 2.4a and earlier allows remote attackers to inject arbitrary web...
Cross-site scripting (XSS) vulnerability in OmegaMw7a.ASP in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) allows remote attackers to inject arbitrary web script or HTML via the WCE parameter. Date published : 2006-05-30 http://www.securityfocus.com/archive/1/435109/100/0/threaded http://secunia.com/advisories/20319