CVE-2004-0319

This CVE (CVE-2004-0319) concerns a Cross-site scripting (XSS) vulnerability in ezBoard 7.3u. The underlying issue is within the font tag handling, where attacker-controlled content can be injected via background:url used in a (1) font color or (2) font face argument, allowing remote execution of...

CVE-2004-0251

The CVE-2004-0251 issue affects the web CGI component rxgoogle.cgi. The concrete vulnerability is a Cross-site Scripting (XSS) flaw in the rxgoogle.cgi query parameter, which can allow remote attackers to execute arbitrary script in the context of other users. The available connected records stat...

CVE-2004-0251

Cross-site scripting XSS vulnerability in rxgoogle.cgi allows remote attackers to execute arbitrary script as other users via the query parameter...

CVE-2004-0322

Multiple cross-site scripting XSS vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to execute arbitrary script as other users via the 1 member parameter in member.php, 2 uid parameter in u2uadmin.php, 3 user parameter in editprofile.php, 4 an onmouseover event in an align tag when bbco...

XMB Forum 1.8 - 'editprofile.php?user' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. An attacker may exploit any one of...

CVE-2003-1347

Multiple cross-site scripting XSS vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the 1 cid parameter to comment.php, 2 uid parameter to profiles.php, 3 uid to users.php, and 4 homepage field...

CVE-2003-1519

Cross-site scripting XSS vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program...

CVE-2003-0712

Cross-site scripting XSS vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access OWA allows remote attackers to execute arbitrary web script...

CVE-2003-1145

Cross-site scripting XSS vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter...

Vivisimo Clustering Engine - Search Script Cross-Site Scripting

source: https://www.securityfocus.com/bid/8862/info Vivisimo Clustering Engine reported prone to cross-site scripting vulnerability. The problem occurs due to insufficient sanitization of parameters passed to the search script. As a result, an attacker may be capable of constructing a link design...

CVE-2003-0763

CVE-2003-0763 describes a Cross-site scripting (XSS) vulnerability in the Escapade Scripting Engine (ESP). The issue arises from unsanitized input in the method parameter (demonstrated via the PAGE parameter), enabling remote attackers to inject arbitrary script. Documents indicate the affected c...

CVE-2003-0769

Cross-site scripting XSS vulnerability in the ICQ Web Front guestbook guestbook.html allows remote attackers to insert arbitrary web script and HTML via the message field...

XMB Forum 1.8 - buddy.php?action Cross-Site Scripting

XMB Forum 1.8 - buddy.php?action Cross-Site Scripting source: https://www.securityfocus.com/bid/8013/info XMB Forum has been reported prone to multiple cross-site scripting and HTML-injection vulnerabilities because the application fails to sanitize user-supplied data. An attacker may exploit any...

XMB Forum 1.8 - 'member.php?member' Cross-Site Scripting

source: https://www.securityfocus.com/bid/8013/info XMB Forum has been reported prone to multiple cross-site scripting and HTML-injection vulnerabilities because the application fails to sanitize user-supplied data. An attacker may exploit any one of these vulnerabilities to execute arbitrary...

XMB Forum 1.8 - member.php?member Cross-Site Scripting

XMB Forum 1.8 - member.php?member Cross-Site Scripting source: https://www.securityfocus.com/bid/8013/info XMB Forum has been reported prone to multiple cross-site scripting and HTML-injection vulnerabilities because the application fails to sanitize user-supplied data. An attacker may exploit an...

XMB Forum 1.8 - 'buddy.php?action' Cross-Site Scripting

source: https://www.securityfocus.com/bid/8013/info XMB Forum has been reported prone to multiple cross-site scripting and HTML-injection vulnerabilities because the application fails to sanitize user-supplied data. An attacker may exploit any one of these vulnerabilities to execute arbitrary...

PHP 4.x - Transparent Session ID Cross-Site Scripting

PHP 4.x - Transparent Session ID Cross-Site Scripting source: https://www.securityfocus.com/bid/7761/info A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting...

PHP 4.x - Transparent Session ID Cross-Site Scripting

source: https://www.securityfocus.com/bid/7761/info A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting this vulnerability by constructing a malicious link...

Happymall E-Commerce Software 4.34.4 - Normal_HTML.cgi Cross-Site Scripting

Happymall E-Commerce Software 4.34.4 - NormalHTML.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/7557/info IT has been reported that Happymall E-Commerce is prone to cross-site scripting attacks. The problem occurs due to insufficient sanitization of user-supplied URI...

Basic Analysis and Security Engine (BASE) 1.2.4 - PrintFreshPage Cross-Site Scripting

Basic Analysis and Security Engine BASE 1.2.4 - PrintFreshPage Cross-Site Scripting source: https://www.securityfocus.com/bid/17391/info BASE is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied input in the 'PrintFreshPage' function. An...