Lucene search
K

70 matches found

Prion
Prion
added 2010/03/15 9:30 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

4.3CVSS6.1AI score0.01303EPSS
Exploits1References2
Cvelist
Cvelist
added 2010/03/15 9:0 p.m.20 views

CVE-2009-4717

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

5.8AI score0.01303EPSS
Exploits1References2
Prion
Prion
added 2008/01/04 11:46 a.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the 1 contentshort or 2 contentfull parameter in an addnews action to the default URI; 3 the content parameter in a pm write action to 2z/admin.php; 4 the...

4.3CVSS6.1AI score0.01107EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2006/04/20 10:2 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML 1 via the referer parameter in sendMail, and via attributes of 2 the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE...

2.6CVSS5.9AI score0.01584EPSS
Exploits1References3
NVD
NVD
added 2006/04/20 10:2 a.m.20 views

CVE-2006-1903

Multiple cross-site scripting XSS vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML 1 via the referer parameter in sendMail, and via attributes of 2 the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE...

2.6CVSS5.7AI score0.01161EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.18 views

CVE-2004-2028

Cross-site scripting XSS vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php...

5.7AI score0.03512EPSS
Exploits0References5
CVE
CVE
added 2005/05/10 4:0 a.m.57 views

CVE-2004-2028

CVE-2004-2028 describes a cross-site scripting (XSS) vulnerability in the PHP component used by the e107 CMS, specifically in the stats.php module. The flaw allows remote attackers to inject arbitrary web script or HTML by manipulating the referer parameter sent to log.php. Affected software is e...

4.3CVSS6AI score0.03512EPSS
Exploits0References5Affected Software1
exploitpack
exploitpack
added 2004/09/14 12:0 a.m.20 views

SnipSnap 0.5.2 - HTTP Response Splitting

SnipSnap 0.5.2 - HTTP Response Splitting source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/14 12:0 a.m.26 views

SnipSnap 0.5.2 - HTTP Response Splitting

source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to manipulate how POST requests are handled...

7AI score
Exploits0
NVD
NVD
added 2004/05/21 4:0 a.m.13 views

CVE-2004-2028

Cross-site scripting XSS vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php...

4.3CVSS5.7AI score0.03512EPSS
Exploits0References5
Rows per page
Query Builder