CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7602 matches found

exploitpack•added 2005/06/20 12:0 a.m.•18 views

UApplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting

UApplication Ublog Reload 1.0.5 - Trackback.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/13994/info Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

6.8AI score

Exploits0

Exploit DB•added 2005/06/20 12:0 a.m.•21 views

I-Gallery - Folder Argument Cross-Site Scripting

source: https://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp'. An attacker may leverage this issue to have...

7.4AI score

Exploits0

exploitpack•added 2005/06/20 12:0 a.m.•9 views

I-Gallery - Folder Argument Cross-Site Scripting

I-Gallery - Folder Argument Cross-Site Scripting source: https://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp...

0.1AI score

Exploits0

exploitpack•added 2005/06/16 12:0 a.m.•7 views

ATutor 1.4.3 - subscribe_forum.php?us Cross-Site Scripting

ATutor 1.4.3 - subscribeforum.php?us Cross-Site Scripting source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

6.8AI score

Exploits0

Exploit DB•added 2005/06/16 12:0 a.m.•110 views

ATutor 1.4.3 - 'content.php?cid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed...

7.4AI score

Exploits0

exploitpack•added 2005/06/16 12:0 a.m.•12 views

ATutor 1.4.3 - contact.php?subject Cross-Site Scripting

ATutor 1.4.3 - contact.php?subject Cross-Site Scripting source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage an...

6.8AI score

Exploits0

Exploit DB•added 2005/06/16 12:0 a.m.•20 views

ATutor 1.4.3 - 'send_message.php?l' Cross-Site Scripting

7.4AI score

Exploits0

Exploit DB•added 2005/06/16 12:0 a.m.•19 views

ATutor 1.4.3 - 'search.php' Multiple Cross-Site Scripting Vulnerabilities

7AI score

Exploits0

exploitpack•added 2005/06/14 12:0 a.m.•93 views

Annuaire 1Two 1.01.1 - index.php Cross-Site Scripting

Annuaire 1Two 1.01.1 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13961/info Annuaire 1Two is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issu...

6.8AI score

Exploits0

Symantec•added 2005/06/14 12:0 a.m.•13 views

Microsoft Exchange Server Outlook Web Access HTML Injection Vulnerability

Description Outlook Web Access is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the affected application of an unsuspecting user in...

0.1AI score

Exploits0References2Affected Software2

CERT•added 2005/06/14 12:0 a.m.•39 views

Microsoft Outlook Web Access vulnerable to cross-site scripting

Overview Microsoft Outlook Web Access may be vulnerable to cross-site scripting attacks. Description Microsoft Outlook Web Access OWA allows users to access their email accounts on a Microsoft Exchange server from another host through a web browser.Microsoft Outlook Web Access for Exchange Server...

4.3CVSS6.2AI score0.22959EPSS

Exploits0References2

exploitpack•added 2005/06/06 12:0 a.m.•9 views

YaPiG 0.9x - view.php Cross-Site Scripting

YaPiG 0.9x - view.php Cross-Site Scripting source: https://www.securityfocus.com/bid/13875/info YaPiG is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

6.8AI score

Exploits0

exploitpack•added 2005/06/03 12:0 a.m.•18 views

Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion

Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion source: https://www.securityfocus.com/bid/13851/info Popper is affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

7.5AI score

Exploits0

securityvulns•added 2005/05/28 12:0 a.m.•31 views

[Full-disclosure] XSS Bug in Jaws Glossary Action: ViewTerm ( v 0.4 - 0.5.1 (latest version))

XSS Bug in Jaws Glossary v 0.4 - 0.5.1 latest version STATUS: The vendor has been contacted, fixed in cvs. Jaws is a Framework and Content Management System for building dynamic web sites. It aims to be User Friendly giving ease of use and lots of ways to customize web sites, but at the same time...

0.8AI score

Exploits0

Cvelist•added 2005/05/27 4:0 a.m.•14 views

CVE-2004-2130

Multiple cross-site scripting XSS vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the 1 folder or 2 mode variables...

6.2AI score0.07292EPSS

Exploits1References3

Cvelist•added 2005/05/27 4:0 a.m.•8 views

CVE-2004-2128

Cross-site scripting XSS vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll...

6.3AI score0.007EPSS

Exploits1References7

Cvelist•added 2005/05/27 4:0 a.m.•17 views

CVE-2004-2096

Cross-site scripting XSS vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL...

6.2AI score0.00805EPSS

Exploits1References5

Cvelist•added 2005/05/27 4:0 a.m.•19 views

CVE-2004-2115

Multiple cross-site scripting XSS vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the 1 action, 2 username, or 3 password parameters in an isqlplus request...

6.2AI score0.50278EPSS

Exploits1References3

exploitpack•added 2005/05/27 12:0 a.m.•30 views

BEA WebLogic 7.08.1 - Administration Console LoginForm.jsp Cross-Site Scripting

BEA WebLogic 7.08.1 - Administration Console LoginForm.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/13793/info BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitiz...

Exploits0

Exploit DB•added 2005/05/27 12:0 a.m.•37 views

BEA WebLogic 7.0/8.1 - Administration Console LoginForm.jsp Cross-Site Scripting

source: https://www.securityfocus.com/bid/13793/info BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'LoginForm.jsp' script. An attacker may leverage th...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by