CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3725 matches found

Cvelist•added 2004/12/15 5:0 a.m.•12 views

CVE-2004-1213

Cross-site scripting XSS vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter...

5.8AI score0.00726EPSS

Exploits1References4

Cvelist•added 2004/12/08 5:0 a.m.•17 views

CVE-2004-1133

Multiple cross-site scripting XSS vulnerabilities in Microsoft W3Who ISAPI w3who.dll allow remote attackers to inject arbitrary HTML and web script via 1 HTTP headers such as "Connection" or 2 invalid parameters whose values are echoed in the resulting error message...

5.7AI score0.13944EPSS

Exploits0References3

NVD•added 2004/10/20 4:0 a.m.•5 views

CVE-2004-0781

Cross-site scripting XSS vulnerability in list.cgi in the Icecast internal web server icecast-server 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter...

4.3CVSS5.6AI score0.00384EPSS

Exploits0References3

Debian CVE•added 2004/09/01 4:0 a.m.•12 views

CVE-2002-1307

Cross-site scripting vulnerability XSS in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name...

6.8CVSS5.7AI score0.0629EPSS

Exploits0

NVD•added 2004/08/21 4:0 a.m.•12 views

CVE-2004-1735

Cross-site scripting XSS vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field...

4.3CVSS5.2AI score0.03931EPSS

Exploits1References4

NVD•added 2004/08/17 4:0 a.m.•12 views

CVE-2004-1719

Multiple cross-site scripting XSS vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the 1 category, 2 cserver, 3 ext, 4 global, 5 showgroups, 6 or showlite parameters to address.html, or the 7 spage or 8 autoresponder parameters to...

4.3CVSS5.7AI score0.00815EPSS

Exploits1References12

NVD•added 2004/08/16 4:0 a.m.•9 views

CVE-2004-1716

Cross-site scripting XSS vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the 1 IRC Server or 2 AIM ID fields in the user profile...

6.8CVSS5.7AI score0.07281EPSS

Exploits1References7

NVD•added 2004/08/06 4:0 a.m.•16 views

CVE-2004-0660

Cross-site scripting XSS vulnerability in 1 showarchives.php, 2 shownews.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter...

6.8CVSS5.9AI score0.00521EPSS

Exploits0References3

UbuntuCve•added 2004/08/06 4:0 a.m.•12 views

CVE-2004-0591

Cross-site scripting XSS vulnerability in the printheaderuc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via 1 e-mail headers or 2 a message with a "message/delivery-status" MIME Content-Type...

6.8CVSS6.1AI score0.13907EPSS

Exploits1References1

NVD•added 2004/08/06 4:0 a.m.•12 views

CVE-2004-1711

Cross-site scripting XSS vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter...

4.3CVSS5.7AI score0.00444EPSS

Exploits1References4

NVD•added 2004/07/29 4:0 a.m.•8 views

CVE-2004-2064

Cross-site scripting XSS vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web script via the 1 Email or 2 Website fields...

4.3CVSS5.9AI score0.00685EPSS

Exploits0References6

NVD•added 2004/07/27 4:0 a.m.•10 views

CVE-2004-0737

Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the 1 sid, 2 max, 3 sel1, 4 sel2, 5 sel3, 6 sel4, 7 sel5, 8 match, 9 mod1, 10 mod2, or 11 mod3 parameters...

7.5CVSS6.2AI score0.00041EPSS

Exploits0References2

Cvelist•added 2004/07/23 4:0 a.m.•13 views

CVE-2004-0725

Cross-site scripting XSS vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter...

5.7AI score0.0196EPSS

Exploits1References4

Cvelist•added 2004/06/30 4:0 a.m.•12 views

CVE-2004-0617

Cross-site scripting XSS vulnerability in ArbitroWeb 0.6 allows remote attackers to inject arbitrary script or HTML via the rawURL parameter...

5.7AI score0.03193EPSS

Exploits1References3

NVD•added 2004/05/29 4:0 a.m.•11 views

CVE-2004-2040

Multiple cross-site scripting XSS vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the 1 LAN407 parameter to clockmenu.php, 2 "email article to a friend" field, 3 "submit news" field, or 4 avmsg parameter to usersettings.php...

4.3CVSS5.7AI score0.02013EPSS

Exploits1References12

NVD•added 2004/04/25 4:0 a.m.•8 views

CVE-2004-1965

Multiple cross-site scripting XSS vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 redirect parameter to member.php, 2 to parameter to myhome.php 3 TID parameter to post.php, or 4 redirect parameter to index.p...

4.3CVSS5.8AI score0.00265EPSS

Exploits3References5

NVD•added 2004/04/23 4:0 a.m.•8 views

CVE-2004-1964

Cross-site scripting XSS vulnerability in nqt.php in Network Query Tool NQT 1.6 allows remote attackers to inject arbitrary web script or HTML via the portNum parameter...

4.3CVSS5.7AI score0.00463EPSS

Exploits0References5

NVD•added 2004/03/26 5:0 a.m.•14 views

CVE-2004-1862

Multiple cross-site scripting XSS vulnerabilities in Extreme Messageboard XMB 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the 1 xmbuser parameter to xmb.php, 2 folder parameter to u2u.php, 3 viewmost, replymost, or latest parameter to stats.php, 4 messag...

4.3CVSS5.8AI score0.01558EPSS

Exploits0References10

NVD•added 2004/03/18 5:0 a.m.•9 views

CVE-2004-1829

Multiple cross-site scripting XSS vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to inject arbitrary web script or HTML via the 1 pagetitle or 2 error parameters, or 3 certain parameters in the error log...

4.3CVSS5.8AI score0.00622EPSS

Exploits1References6

NVD•added 2004/03/15 5:0 a.m.•11 views

CVE-2004-1822

Multiple cross-site scripting XSS vulnerabilities in Phorum 3.1 through 5.0.3 beta allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPREFERER parameter to login.php, 2 HTTPREFERER parameter to register.php, or 3 target parameter to profile.php...

4.3CVSS5.8AI score0.01433EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by