7604 matches found
CVE-2002-0955
Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board YaBB 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message...
CVE-2002-0960
Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users...
Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks
Overview A vulnerability exists in Microsoft Internet Explorer that could permit an attacker to execute arbitrary script, even if the user has specifically disabled active scripting. Description Internet Explorer permits users to customize settings that enable and disable the ability of scripts t...
Drupal 4.0 - News Message HTML Injection
Drupal 4.0 - News Message HTML Injection source: https://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when...
DaCode 1.2 - News Message HTML Injection
DaCode 1.2 - News Message HTML Injection source: https://www.securityfocus.com/bid/5798/info Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client. DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when ...
PHP-Nuke 6.0 - News Message HTML Injection
source: https://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contai...
NPDS 4.8 - News Message HTML Injection
NPDS 4.8 - News Message HTML Injection source: https://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user...
NPDS 4.8 - News Message HTML Injection
source: https://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains...
phpWebSite 0.8.3 - News Message HTML Injection
source: https://www.securityfocus.com/bid/5802/info Problems with phpWebSite could make it possible to execute arbitrary script code in a vulnerable client. phpWebSite does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that...
DaCode 1.2 - News Message HTML Injection
source: https://www.securityfocus.com/bid/5798/info Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client. DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains...
ACWeb 1.141.8 - Cross-Site Scripting
ACWeb 1.141.8 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5793/info acWEB is prone to cross-site scripting attacks. It is possible to construct a malicious link to the web server which contains arbitrary script code. When the link is visited, the script code will be executed ...
Drupal 4.0 - News Message HTML Injection
source: https://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contain...
XOOPS 1.0 RC3 - HTML Injection
source: https://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user views a message posting that...
XOOPS 1.0 RC3 - HTML Injection
XOOPS 1.0 RC3 - HTML Injection source: https://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user...
CVE-2002-0960
Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users...
CVE-2002-0962
CVE-2002-0962 corresponds to a cross-site scripting vulnerability in GeekLog 1.3.5 and earlier. The connected Nessus entry links this CVE to GeekLog
CVE-2002-0944
Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 through 6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the 1 user-agent or 2 referrer, which are not filtered by the stats program...
CVE-2002-0959
The CVE-2002-0959 entry refers to a Cross-site scripting vulnerability in Splatt Forum 3.0. The issue allows remote attackers to execute arbitrary script as other users by abusing an tag with a closing quote followed by malicious script. According to the NVD entry, the vulnerability has a base s...
CVE-2002-0955
Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board YaBB 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message...
CVE-2002-0944
Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03–6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the (1) user-agent or (2) referrer, which are not filtered by the stats program. Affected: DeepMetrix LiveStats versions 5.03 through 6.2.1. Impact: ...