CVE-2005-0485 (panews)
Cross-site scripting (XSS) vulnerability in comment.php for paNews 2.0b4 for PHP Arena allows remote attackers to inject arbitrary HTML and web script via the showpost parameter.
Source: CVE-2005-0485 (panews)
[월:] 2005년 03월
CVE-2005-0477 (invision_power_board)
CVE-2005-0477 (invision_power_board)
Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:url.