CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7602 matches found

exploitpack•added 2005/12/06 12:0 a.m.•22 views

DuWare DuPortalPro 3.4.3 - Password.asp Cross-Site Scripting

DuWare DuPortalPro 3.4.3 - Password.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15731/info DuPortalPro is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

6.8AI score

Exploits0

Exploit DB•added 2005/12/05 12:0 a.m.•25 views

Easy Search System 1.1 - 'search.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15705/info Easy Search System is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the...

7AI score

Exploits0

exploitpack•added 2005/12/03 12:0 a.m.•9 views

SiteBeater News 4.0 - Archive.asp Cross-Site Scripting

SiteBeater News 4.0 - Archive.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/15697/info SiteBeater News is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

6.8AI score

Exploits0

exploitpack•added 2005/12/03 12:0 a.m.•8 views

ASPS Shopping Cart Lite 2.1Professional 2.9 d - bsearch.asp?b_search Cross-Site Scripting

ASPS Shopping Cart Lite 2.1Professional 2.9 d - bsearch.asp?bsearch Cross-Site Scripting source: https://www.securityfocus.com/bid/15694/info ASPS Shopping Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...

0.1AI score

Exploits0

Packet Storm•added 2005/12/03 12:0 a.m.•21 views

phpMyChat0146.txt

phpMyChat Multiple XSS vulnerabilities. I. BACKGROUND phpMyChat is an easy-to-install, easy-to-use multi-room chat based on PHP and a database, supporting MySQL, PostgreSQL, and ODBC. II. DESCRIPTION phpMyChat 0.14.6 startpage.css.php, style.css.php, userspopupL.php are prone to Cross-site...

7.4AI score

Exploits0

Exploit DB•added 2005/12/02 12:0 a.m.•20 views

Java Search Engine 0.9.34 - search.jsp Cross-Site Scripting

source: https://www.securityfocus.com/bid/15687/info Java Search Engine is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

7.4AI score

Exploits0

Exploit DB•added 2005/12/01 12:0 a.m.•22 views

PHPMyChat 0.14.6 - 'style.css.php?medium' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

7.4AI score

Exploits0

exploitpack•added 2005/12/01 12:0 a.m.•19 views

PHPMyChat 0.14.6 - start_page.css.php?medium Cross-Site Scripting

PHPMyChat 0.14.6 - startpage.css.php?medium Cross-Site Scripting source: https://www.securityfocus.com/bid/15679/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues t...

6.8AI score

Exploits0

NVD•added 2005/11/16 7:42 a.m.•7 views

CVE-2005-3544

Cross-site scripting XSS vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject arbitrary web script or HTML via the username parameter...

4.3CVSS5.7AI score0.01045EPSS

Exploits1References6

Cvelist•added 2005/11/16 7:37 a.m.•17 views

CVE-2003-1278

Cross-site scripting vulnerability XSS in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags...

6.7AI score0.00725EPSS

Exploits1References3

CVE•added 2005/11/16 7:37 a.m.•52 views

CVE-2003-1277

CVE-2003-1277 describes cross-site scripting (XSS) in YaBB 1.5.0. The vulnerability allows remote attackers to execute arbitrary scripts as other users and potentially steal authentication information via cookies by injecting HTML/script into (1) news_icon of news_template.php and (2) threadid an...

4.3CVSS7AI score0.00683EPSS

Exploits1References4Affected Software1

Cvelist•added 2005/11/16 7:37 a.m.•23 views

CVE-2003-1277

Cross-site scripting XSS vulnerabilities in Yet Another Bulletin Board YaBB 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into 1 newsicon of newstemplate.php, and 2 threadid a...

6.7AI score0.00683EPSS

Exploits1References4

Positive Technologies•added 2005/11/16 12:0 a.m.•2 views

PT-2005-4395 · Ekinboard · Ekinboard

Name of the Vulnerable Software and Affected Versions: Ekinboard version 1.0.3 Description: The issue allows remote attackers to inject arbitrary web script or HTML, which can lead to cross-site scripting XSS attacks. This is possible via the id parameter in the "profile.php" endpoint and the...

4.3CVSS5.8AI score0.00758EPSS

Exploits1References9

Exploit DB•added 2005/11/07 12:0 a.m.•21 views

XMB Forum 1.9.3 - 'u2u.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15342/info XMB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

securityvulns•added 2005/11/07 12:0 a.m.•23 views

Zoomblog HTML Injection Vulnerability

DESCRIPTION Zoomblog is prone to HTML injection attacks. It is possible for a malicious Zoomblog user to inject hostile HTML and script code into the commentary via form fields. This code may be rendered in the browser of a web user who views the commentary of Zoomblog. Zoomblog does not adequate...

0.9AI score

Exploits0

Packet Storm•added 2005/11/04 12:0 a.m.•35 views

phpinfoXSS.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [email protected] schrieb: PoC: phpinfo.php?GLOBALStest=alertdocument.cookie; ...or just use phpinfo.php?=alertdocument.cookie; Saves some typing. In contrary to the above, this one only works on IE tested 6 on XP SP2 & Konqueror tested 3.4.2, though...

7.4AI score

Exploits0

NVD•added 2005/11/02 11:2 a.m.•9 views

CVE-2005-3430

Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as 1 .unk, 2 .asa, and possibly 3 .htr and 4 .aspx, which are not filtered like the .asp extension...

7.5CVSS7.4AI score0.012EPSS

Exploits0References7

exploitpack•added 2005/11/02 12:0 a.m.•11 views

Simple PHP Blog 0.4 - preview_cgi.php Multiple Cross-Site Scripting Vulnerabilities

Simple PHP Blog 0.4 - previewcgi.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

7.1AI score

Exploits0

exploitpack•added 2005/11/02 12:0 a.m.•11 views

Simple PHP Blog 0.4 - colors.php Multiple Cross-Site Scripting Vulnerabilities

Simple PHP Blog 0.4 - colors.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

Exploits0

exploitpack•added 2005/11/01 12:0 a.m.•19 views

VUBB - index.php Cross-Site Scripting

VUBB - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15260/info VUBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scrip...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by