Lucene search
K

363 matches found

securityvulns
securityvulns
added 2003/07/17 12:0 a.m.23 views

ISA Server - Error Page Cross Site Scripting

======================================================================== = ISA Server - Error Page Cross Site Scripting = = [email protected] = http://www.security-assessment.com = = MS Bulletin posted: July 16, 2003 = http...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2003/07/17 12:0 a.m.30 views

Microsoft Security Bulletin MS03-028: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack (Q816456)

-----BEGIN PGP SIGNED MESSAGE----- - - --------------------------------------------------------------- Title: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack 816456 Date: 16 July 2003 Software: Microsoftr ISA Server Max Risk: Important Bulletin: MS03-028 Microsoft encourage...

Exploits0
securityvulns
securityvulns
added 2003/07/17 12:0 a.m.241 views

Microsoft Security Bulletin MS03-028: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack (Q816456)

-----BEGIN PGP SIGNED MESSAGE----- - - --------------------------------------------------------------- Title: Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack 816456 Date: 16 July 2003 Software: Microsoftr ISA Server Max Risk: Important Bulletin: MS03-028 Microsoft encourage...

Exploits0
exploitpack
exploitpack
added 2003/07/16 12:0 a.m.25 views

Microsoft ISA Server 2000 - Cross-Site Scripting

Microsoft ISA Server 2000 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8207/info ISA server will output certain error pages when requests that are invalid, for whatever reason, are transmitted through it. These error pages will appear in the context of the domain that the...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2003/07/16 12:0 a.m.21 views

Microsoft ISA Server 2000 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/8207/info ISA server will output certain error pages when requests that are invalid, for whatever reason, are transmitted through it. These error pages will appear in the context of the domain that the request was made for. It has been reported that many ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/06/26 12:0 a.m.10 views

BRS Webweaver 1.0 - Error Page Cross-Site Scripting

BRS Webweaver 1.0 - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/8037/info BRS WebWeaver is prone to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, BRS WebWeaver includes user requests when...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/26 12:0 a.m.18 views

BRS Webweaver 1.0 - Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/8037/info BRS WebWeaver is prone to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, BRS WebWeaver includes user requests when generating error pages. Exploitation could permit a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/17 12:0 a.m.26 views

Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection

source: https://www.securityfocus.com/bid/7939/info An issue has been reported for Microsoft Internet Explorer that may result in HTML injection attacks. The vulnerability exists when IE is used to display custom HTTP error messages also known as "Friendly HTTP error messages". Due to some errors...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/15 12:0 a.m.15 views

Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting

Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause t...

Exploits0
Exploit DB
Exploit DB
added 2003/04/15 12:0 a.m.23 views

Python 2.2/2.3 - Documentation Server Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause the execution of malicious HTML and script code in the browser of a we...

7.4AI score
Exploits0
ALT Linux
ALT Linux
added 2002/10/09 12:0 a.m.27 views

Security fix for the ALT Linux 9 package apache2 version 2.0.40-10

Oct. 9, 2002 Joe Orton &[email protected] 2.0.40-10 - fix patch for CAN-2002-0840 to also cover i18n error pages...

6.8CVSS7AI score0.94006EPSS
Exploits0
ALT Linux
ALT Linux
added 2002/10/09 12:0 a.m.28 views

Security fix for the ALT Linux 8 package apache2 version 2.0.40-10

Oct. 9, 2002 Joe Orton &[email protected] 2.0.40-10 - fix patch for CAN-2002-0840 to also cover i18n error pages...

6.8CVSS7AI score0.94006EPSS
Exploits0
ALT Linux
ALT Linux
added 2002/10/09 12:0 a.m.23 views

Security fix for the ALT Linux 10 package apache2 version 2.0.40-10

Oct. 9, 2002 Joe Orton &[email protected] 2.0.40-10 - fix patch for CAN-2002-0840 to also cover i18n error pages...

6.8CVSS6.6AI score0.94006EPSS
Exploits0
exploitpack
exploitpack
added 2002/10/02 12:0 a.m.11 views

Apache 1.32.0.x - Server Side Include Cross-Site Scripting

Apache 1.32.0.x - Server Side Include Cross-Site Scripting source: https://www.securityfocus.com/bid/5847/info Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/02 12:0 a.m.32 views

Apache 1.3/2.0.x - Server Side Include Cross-Site Scripting

source: https://www.securityfocus.com/bid/5847/info Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code. Attacker-supplied HTML and script code may be executed on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/06/14 12:0 a.m.35 views

Imatix Xitami 2.5 - GSL Template Cross-Site Scripting

source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fails to check URLs for the presence of script commands wh...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/06/14 12:0 a.m.12 views

Imatix Xitami 2.5 - GSL Template Cross-Site Scripting

Imatix Xitami 2.5 - GSL Template Cross-Site Scripting source: https://www.securityfocus.com/bid/5025/info Imatix Xitami is a webserver for Microsoft Windows operating systems. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. Xitami fail...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2001/12/28 12:0 a.m.20 views

DeleGate 7.7.1 - Cross-Site Scripting

DeleGate 7.7.1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3749/info DeleGate is a proxy server which runs on Linux , Unix, Microsoft Windows and OS/2 platforms. It is capable of translating a number of protocolsHTTP, FTP, NNTP, POP, Telnet, etc. between client and server...

6.8AI score
Exploits0
CERT
CERT
added 2001/08/27 12:0 a.m.26 views

IBM VisualAge Professional vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web Servers that use the IBM VisualAge Professional Vesion 3.5 Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on...

7.5CVSS5.4AI score0.02208EPSS
Exploits1References5
CERT
CERT
added 2001/08/23 12:0 a.m.24 views

IBM WebSphere vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web Servers that use the IBM WebSphere Java Servlet Container 3.5 and earlier are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated...

7.5CVSS5.5AI score0.02208EPSS
Exploits1References5
Rows per page
Query Builder