Lucene search
K

188 matches found

securityvulns
securityvulns
added 2006/05/03 12:0 a.m.41 views

Russcom.net Loginphp multiple vulnerabilties

Russcom.net Loginphp multiple vulnerabilties Discovered by: Nomenumbra Date: 5/2/2006 impact:moderate privilege escalation,possible defacement Russcom.net's loginphp script is a small usermanagement script: Users can sign up for a username which they can use to login to the password protected mai...

0.1AI score
Exploits0
Prion
Prion
added 2006/02/13 11:6 a.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via 1 an email subject; 2 an encoded javascript URI, as demonstrated using "javascript:"; or 3 when the Domino Web Access ActiveX control is...

4.3CVSS6.1AI score0.05559EPSS
Exploits1References12Affected Software1
OSV
OSV
added 2005/09/07 7:7 p.m.6 views

CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

5.5AI score
Exploits0References8
OSV
OSV
added 2005/09/07 7:7 p.m.2 views

DEBIAN-CVE-2005-2820

Cross-site scripting XSS vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "if" and "endif"...

4.3CVSS5.7AI score0.02172EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.15 views

CVE-2002-1771

Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname CGI variables...

6.7AI score0.01351EPSS
Exploits0References4
CVE
CVE
added 2005/06/21 4:0 a.m.45 views

CVE-2002-1771

FormMail 1.9 and earlier contains a newline-injection flaw in the email/realname CGI variables that allows remote attackers to inject CC/BCC/TO fields, enabling spam or anonymous email. Affected component is the FormMail mailing script; impact is remote abuse without authentication. The provided ...

5CVSS7.1AI score0.01351EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/02/12 5:0 a.m.18 views

CVE-2004-1418

Cross-site scripting XSS vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail address, which is not quoted when a parsing error is generated...

5.7AI score0.0179EPSS
Exploits1References3
securityvulns
securityvulns
added 2002/10/25 12:0 a.m.27 views

XSS vulnerability in Mojo Mail Sign-Up Form

Heya, this is my first post here so go easy on me plz. I posted about this on the Mojo Bug Tracker ages ago and it's just been ignored, and besides, Im losing faith in reporting to the vendor, PHP Arena took the credit for an XSS bug I found in their paFileDB. But anyway, Mojo Mail doesn't filter...

0.5AI score
Exploits0
Rows per page
Query Builder