Lucene search
K

2327 matches found

securityvulns
securityvulns
added 2002/09/02 12:0 a.m.31 views

NullHTTPD crossite scripting

http://localhost/a?x=SCRIPTalertdocument.URL/SCRIPT...

0.2AI score
Exploits0References1
exploitpack
exploitpack
added 2002/08/21 12:0 a.m.17 views

Apache Tomcat 4.1 - JSP Request Cross-Site Scripting

Apache Tomcat 4.1 - JSP Request Cross-Site Scripting source: https://www.securityfocus.com/bid/5542/info Jakarta Tomcat is a Java Servlet and JSP server produced by the Apache Software Foundation. Tomcat is available for Microsoft Windows, Linux, and other Unix based operating systems. A cross si...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2002/08/13 12:0 a.m.14 views

Microsoft Internet Explorer 6 - File Attachment Script Execution

Microsoft Internet Explorer 6 - File Attachment Script Execution source: https://www.securityfocus.com/bid/5450/info An error has been reported in Microsoft Internet Explorer 6, which may allow malicious file attachments to execute arbitrary code in the context of the local system. HTM files are...

Exploits0
Packet Storm
Packet Storm
added 2002/08/09 12:0 a.m.48 views

operaftp.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Opera FTP View Cross-Site Scripting Vulnerability Date: 4 August 2002 Author: Eiji James Yoshida [email protected] Risk: Medium Vulnerable: Windows2000 SP2 Opera 6.03 Windows2000 SP2 Opera 6.04 Overview: Opera allows running Malicious...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/07/23 12:0 a.m.18 views

Opera 6.0.1 Microsoft Internet Explorer 56 - JavaScript Modifier Keypress Event Subversion

Opera 6.0.1 Microsoft Internet Explorer 56 - JavaScript Modifier Keypress Event Subversion source: https://www.securityfocus.com/bid/5290/info An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/23 12:0 a.m.26 views

Opera 6.0.1 / Microsoft Internet Explorer 5/6 - JavaScript Modifier Keypress Event Subversion

source: https://www.securityfocus.com/bid/5290/info An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious JavaScript may subvert some keypress events, with consequences including the disclosure of arbitra...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/07/10 12:0 a.m.14 views

GoAhead Web Server 2.1.x - Error Page Cross-Site Scripting

GoAhead Web Server 2.1.x - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/5198/info A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible for attackers to launch cross site scripting attacks against vulnerable systems. GoAhead WebServer...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/10 12:0 a.m.38 views

Microsoft Internet Explorer 5/6 - OBJECT Tag Same Origin Policy Violation

source: https://www.securityfocus.com/bid/5196/info Microsoft Internet Explorer allows script code to violate the same origin policy through usage of the HTML OBJECT tag. Malicious script code may obtain a legitimate reference to an embedded object containing a web page from the same domain. This...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/07/02 12:0 a.m.30 views

CSS in blackboard

Product: Blackboard 5 Vendor: Blackboard inc Website: www.Blackboard.com Reported: 24 apr 2002: Discovered CSS in blackboard program and company.blackboard.com. Reported CSS in blackboard program at http://company.blackboard.com/contactus/Suggestions.cgi. Reported CSS in company.blackboard.com to...

6.7AI score
Exploits0
CVE
CVE
added 2002/06/11 4:0 a.m.37 views

CVE-2002-0413

The CVE-2002-0413 issue is an XSS vulnerability in ReBB that allows remote attackers to execute arbitrary JavaScript and steal cookies via an IMG tag whose URL contains the malicious script. Affected software is ReBB; the vulnerability arises from the handling of image URLs containing script cont...

7.5CVSS7.3AI score0.07023EPSS
Exploits1References3Affected Software1
CERT
CERT
added 2002/06/05 12:0 a.m.29 views

Yahoo! Messenger "addview" function allows for the automatic execution of malicious script contained in web pages

Overview Yahoo! Messenger is an instant messaging client. When installed, Yahoo! Messenger enables a URI handler ymsgr :parameter. The addview function of this handler can be used to execute arbitrary script/html on the local system. Description The addview feature of Yahoo! Messenger is used to...

7.5CVSS6.3AI score0.03871EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/05/17 12:0 a.m.37 views

Hosting Controller still have dangerous bugs!

-Vulnerable versions: all HC versions. 1.Database directory travelsal: By adding slash dot dot,the user can view the files,folders located on the sytem and can add DSN out of user root directory. http://www.target.com/admin/dsn/dsnmanager.asp?...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2002/01/09 12:0 a.m.16 views

Ultimate Bulletin Board 5.46.06.2 - Cross-Agent Scripting

Ultimate Bulletin Board 5.46.06.2 - Cross-Agent Scripting source: https://www.securityfocus.com/bid/3829/info UBB Ultimate Bulletin Board is commercial web forums/community software that is written in Perl. It runs on various Unix/Linux variants, as well as Microsoft Windows NT/2000. UBB is prone...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2002/01/09 12:0 a.m.65 views

YaBB 9.1.2000 - Cross-Agent Scripting

source: https://www.securityfocus.com/bid/3828/info YaBB Yet Another Bulletin Board is freely available web forums/community software that is written in Perl. YaBB will run on most Unix/Linux variants, MacOS, and Microsoft Windows 9x/ME/NT/2000/XP platforms. YaBB is prone to cross-agent scripting...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/12/28 12:0 a.m.19 views

DeleGate 7.7.1 - Cross-Site Scripting

DeleGate 7.7.1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3749/info DeleGate is a proxy server which runs on Linux , Unix, Microsoft Windows and OS/2 platforms. It is capable of translating a number of protocolsHTTP, FTP, NNTP, POP, Telnet, etc. between client and server...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2001/09/18 4:0 a.m.24 views

CVE-2001-0340

An interaction between the Outlook Web Access OWA service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically...

6.6AI score0.06252EPSS
Exploits0References3
CERT
CERT
added 2001/08/23 12:0 a.m.24 views

IBM WebSphere vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web Servers that use the IBM WebSphere Java Servlet Container 3.5 and earlier are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated...

7.5CVSS5.5AI score0.02208EPSS
Exploits1References5
CERT
CERT
added 2001/08/17 12:0 a.m.32 views

Apache Tomcat vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web Servers that use the Apache Tomcat Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from...

5.1CVSS5.4AI score0.1382EPSS
Exploits1References5
exploitpack
exploitpack
added 2001/06/30 12:0 a.m.22 views

PHP 4.x - SafeMode Arbitrary File Execution

PHP 4.x - SafeMode Arbitrary File Execution source: https://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, an...

Exploits0
exploitpack
exploitpack
added 2001/03/31 12:0 a.m.19 views

Microsoft Internet Explorer 5.5 - File Disclosure

Microsoft Internet Explorer 5.5 - File Disclosure source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function...

7.3AI score
Exploits0
Rows per page
Query Builder