4518 matches found
PT-2003-1862 · Icq · Icq Web Front
Name of the Vulnerable Software and Affected Versions: ICQ Web Front affected versions not specified Description: A cross-site scripting XSS issue exists in the guestbook component of ICQ Web Front, specifically in the guestbook.html file. This allows remote attackers to inject arbitrary web scri...
ICQ Webfront - Persistant XSS
------------------------------------------------------------------ - EXPL-A-2003-024 exploitlabs.com Advisory 024 ------------------------------------------------------------------ -= ICQ Webfront =- Donnie Werner Sept 09 2003 exploitlabs.com Vunerabilitys: ---------------- 1. Persistant Remote X...
CVE-2003-0726
RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag...
PT-2003-1822 · Realnetworks · Realone Player
Name of the Vulnerable Software and Affected Versions: RealOne player affected versions not specified Description: The issue allows remote attackers to execute arbitrary script in the "My Computer" zone. This is achieved via a SMIL presentation with a URL that references a scripting protocol. The...
ZH2003-21SA (security advisory): DcForum+ XSS Vulnerability
ZH2003-21SA security advisory: DcForum+ XSS Vulnerability Published: 10 august 2003 Released: 10 august 2003 Name: DcForum+ Affected Systems: 1.2 Issue: Remote attackers can inject XSS script Author: G00db0y zone-h org Vendor: http://www.dcscripts.com/dcforump.shtml Description Zone-h Security Te...
CVE-2003-1088
Cross-site scripting XSS vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter...
DSA-371 perl - cross-site scripting
Bulletin has no description...
CVE-2003-0492
Cross-site scripting XSS vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter...
CVE-2003-0446
Cross-site scripting XSS in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message...
CVE-2003-0389
Cross-site scripting XSS vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script...
CVE-2003-0447
The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated...
CVE-2003-0526
Cross-site scripting XSS vulnerability in Microsoft Internet Security and Acceleration ISA Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages 1 500.htm for "500...
CVE-2003-0523
Cross-site scripting XSS vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter...
Verity K2 Toolkit 2.20 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/8073/info It has been reported that Verity K2 Toolkit does not sufficiently filter user-supplied search parameters. As a result of this reported deficiency, it may be possible for a remote attacker to create a malicious link containing script code that wi...
CVE-2003-0481
Multiple cross-site scripting XSS vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to fileselect.php...
CVE-2003-0416
Cross-site scripting XSS vulnerability in index.cgi for Bandmin 1.4 allows remote attackers to insert arbitrary HTML or script via 1 the year parameter in a showmonth action, 2 the month parameter in a showmonth action, or 3 the host parameter in a showhost action...
CVE-2003-0341
Cross-site scripting XSS vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field...
CVE-2003-0278
Cross-site scripting XSS vulnerability in normalhtml.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter...
CVE-2003-0115
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233...
CVE-2003-0273
Cross-site scripting XSS vulnerability in the web interface for Request Tracker RT 1.0 through 1.0.7 allows remote attackers to execute script via message bodies...