CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

242 matches found

Prion•added 2006/01/22 8:3 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in addcomment.php in Bit 5 Blog 8.01 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in an tag in the comment parameter, which strips most tags but not...

4.3CVSS6.1AI score0.11996EPSS

Exploits1References8Affected Software1

NVD•added 2006/01/22 8:3 p.m.•8 views

CVE-2006-0364

Cross-site scripting XSS vulnerability in MyBulletinBoard MyBB allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as...

4.3CVSS5.6AI score0.00674EPSS

Exploits1References6

Prion•added 2006/01/22 8:3 p.m.•14 views

Cross site scripting

Cross-site scripting XSS vulnerability in Phpclanwebsite aka PCW allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a BBCode img tag...

4.3CVSS6.1AI score0.00756EPSS

Exploits0References5Affected Software1

Prion•added 2006/01/22 8:3 p.m.•14 views

Cross site scripting

4.3CVSS6AI score0.00674EPSS

Exploits1References6Affected Software1

Cvelist•added 2006/01/22 8:0 p.m.•13 views

CVE-2006-0366

Cross-site scripting XSS vulnerability in Phpclanwebsite aka PCW allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a BBCode img tag...

5.6AI score0.00756EPSS

Exploits0References5

CVE•added 2006/01/19 1:0 a.m.•37 views

CVE-2006-0310

The CVE-2006-0310 vulnerability affects aoblogger 2.3. It is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag. The root cause is improper handling of the BBcode url tag in aoblogger 2.3, enabling script execut...

4.3CVSS5.8AI score0.09888EPSS

Exploits1References8Affected Software1

Cvelist•added 2006/01/19 1:0 a.m.•12 views

CVE-2006-0310

Cross-site scripting XSS vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag...

5.8AI score0.09888EPSS

Exploits1References8

Positive Technologies•added 2006/01/19 12:0 a.m.•2 views

PT-2006-1383 · Aoblogger · Aoblogger

Name of the Vulnerable Software and Affected Versions: aoblogger version 2.3 Description: The issue allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag, which can lead to cross-site scripting XSS. Recommendations: For aoblogger version 2.3, consider...

4.3CVSS6.2AI score0.09888EPSS

Exploits1References10

Prion•added 2006/01/18 12:7 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in functions.php in microBlog 2.0 RC-10 allows remote attackers to inject arbitrary web script and HTML via a javascript: URI in a url BBcode tag...

4.3CVSS6.1AI score0.00416EPSS

Exploits0References5Affected Software1

CVE•added 2006/01/18 12:0 a.m.•37 views

CVE-2006-0233

CVE-2006-0233 refers to a cross-site scripting (XSS) vulnerability in the PHP file functions.php of the microBlog 2.0 RC-10 package. The issue allows remote attackers to execute arbitrary web script and HTML by supplying a javascript: URI in a [url] BBCode tag, potentially compromising user sessi...

4.3CVSS5.7AI score0.00416EPSS

Exploits0References5Affected Software1

Cvelist•added 2006/01/18 12:0 a.m.•14 views

CVE-2006-0233

Cross-site scripting XSS vulnerability in functions.php in microBlog 2.0 RC-10 allows remote attackers to inject arbitrary web script and HTML via a javascript: URI in a url BBcode tag...

5.7AI score0.00416EPSS

Exploits0References5

NVD•added 2006/01/10 11:3 a.m.•16 views

CVE-2006-0155

Cross-site scripting XSS vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI...

4.3CVSS5.9AI score0.00704EPSS

Exploits1References6

Prion•added 2006/01/10 11:3 a.m.•14 views

Cross site scripting

4.3CVSS6.3AI score0.00704EPSS

Exploits1References6Affected Software1

NVD•added 2006/01/10 11:3 a.m.•8 views

CVE-2006-0156

Cross-site scripting XSS vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrary Javascript via the javascript URI in bbcode url tags in 1 addpost1.php and 2 addtopic1.php...

4.3CVSS5.9AI score0.00763EPSS

Exploits1References7

Cvelist•added 2006/01/10 11:0 a.m.•15 views

CVE-2006-0156

Cross-site scripting XSS vulnerability in Foxrum 4.0.4f allows remote attackers to inject arbitrary Javascript via the javascript URI in bbcode url tags in 1 addpost1.php and 2 addtopic1.php...

5.9AI score0.00763EPSS

Exploits1References7

Cvelist•added 2006/01/10 11:0 a.m.•19 views

CVE-2006-0155

5.9AI score0.00704EPSS

Exploits1References6

CVE•added 2006/01/10 11:0 a.m.•43 views

CVE-2006-0156

CVE-2006-0156 is a cross-site scripting vulnerability in Foxrum 4.0.4f that allows remote attackers to inject arbitrary Javascript via the javascript: URI used in bbcode url tags in the files addpost1.php and addtopic1.php . The issue is triggered by crafting URLs in bbcode that execute JavaScrip...

4.3CVSS5.9AI score0.00763EPSS

Exploits1References7Affected Software1

CVE•added 2006/01/10 11:0 a.m.•62 views

CVE-2006-0155

CVE-2006-0155 describes a cross-site scripting (XSS) flaw in the 427BB web app, specifically in posts.php across versions 2.2 and 2.2.1. The issue arises when a user submits a new message that uses a url BBCode tag containing a javascript URI, allowing remote attackers to inject arbitrary JavaScr...

4.3CVSS5.9AI score0.00704EPSS

Exploits1References6Affected Software1

securityvulns•added 2006/01/09 12:0 a.m.•27 views

[SA18354] 427BB Multiple Vulnerabilities

TITLE: 427BB Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18354 VERIFY ADVISORY: http://secunia.com/advisories/18354/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: 427BB 2.x http://secunia.com/product/4730/...

1.1AI score

Exploits0

Tenable Nessus•added 2005/08/01 12:0 a.m.•14 views

FreeBSD : opera -- image dragging vulnerability (934b1de4-00d7-11da-bc08-0001020eed82)

A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and retrieve a user's files. The vulnerability is caused due to Opera allowing a user to drag e.g. an image, which is actually ...

5.1AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by