PPA 0.5.6 - 'ppa_root_path' File Inclusion

source: https://www.securityfocus.com/bid/14209/info PPA is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an affect...

AutoIndex PHP Script 1.5.2 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14154/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

Community Server Forums - SearchResults.aspx Cross-Site Scripting

Community Server Forums - SearchResults.aspx Cross-Site Scripting source: https://www.securityfocus.com/bid/14078/info Community Server Forums is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker...

Hosting Controller 6.1 - error.asp Cross-Site Scripting

Hosting Controller 6.1 - error.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/14080/info Hosting Controller is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'error.asp' script. A...

ASPNuke 0.80 - 'forgot_password.asp?email' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14062/info ASPNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code execute...

Whois.Cart 2.2.x - profile.php Cross-Site Scripting

Whois.Cart 2.2.x - profile.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14044/info Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

Whois.Cart 2.2.x - 'profile.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14044/info Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...

CVE-2002-1683

Cross-site scripting XSS vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString function...

CVE-2002-1685

Cross-site scripting vulnerability XSS in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI...

CVE-2002-1688

The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button...

CVE-2002-1685

CVE-2002-1685 : BadBlue Enterprise Edition and Personal Edition versions 1.7 and 1.7.2 are affected by a cross-site scripting (XSS) vulnerability in the ext.dll ISAPI. The flaw enables an attacker to execute arbitrary script in the context of other users by injecting script via the ext.dll ISAPI ...

CVE-2002-1708

The OpenVAS/Nessus entries confirm CVE-2002-1708 as a cross-site scripting vulnerability in BasiliX Webmail, affecting version 1.1.0 or lower. The issue arises because BasiliX does not filter HTML tags when displaying messages, enabling an attacker to inject arbitrary HTML/script into the message...

CVE-2002-1702

Cross-site scripting vulnerability XSS in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter...

CVE-2002-1681

Cross-site scripting XSS vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph tag...

CVE-2002-1703

Cross-site scripting vulnerability XSS in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter...

CVE-2002-1724

Cross-site scripting vulnerability XSS in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter...

CVE-2002-1708

Cross-site scripting vulnerability XSS in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the 1 subject or 2 message fields...

CVE-2002-1679

Cross-site scripting XSS vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message...

CVE-2002-1679

CVE-2002-1679 is a cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 that allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message. The provided connected documents confirm the affected product and version and describe ...

CVE-2002-1729

Cross-site scripting vulnerability XSS in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message...