CVE-2002-0205

The CVE-2002-0205 entry describes a cross‑site scripting (XSS) flaw in Plumtree Corporate Portal 3.5–4.5, where an attacker could inject arbitrary script via the Description parameter in error.asp, potentially affecting other clients. The affected product/component is Plumtree Corporate Portal (e...

CVE-2002-0316

Cross-site scripting vulnerability in eXtreme message board XMB 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag...

CVE-2002-0075

Cross-site scripting vulnerability for Internet Information Server IIS 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect ""302 Object Moved" message...

CVE-2002-1640

Multiple cross-site scripting XSS vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via 1 Text Features in the DHTML UI or 2 the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...

CVE-2002-0117

Cross-site scripting vulnerability in Yet Another Bulletin Board YaBB 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...

CVE-2002-0118

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...

CVE-2002-0118

The CVE-2002-0118 entry concerns Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0, where a cross‑site scripting (XSS) vulnerability exists. According to the description, remote attackers can execute arbitrary script and steal cookies by sending a message containing encoded Javascript ...

CVE-2001-1524

Cross-site scripting XSS vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 uname parameter in user.php, 2 ttitle, letter and file parameters in modules.php, 3 subject, story and storyext parameters in submit.php, 4 upload paramete...

PT-2001-2334 · Agora · Agora

Name of the Vulnerable Software and Affected Versions: Agora versions 3.0a through 4.0g Description: The issue allows remote attackers to execute Javascript on other clients via the cart id parameter in agora.cgi when debug mode is enabled. This occurs because of a cross-site scripting issue...

CVE-2001-0712

The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text .txt, JPEG .jpg, et...

CVE-2001-0999

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script...

CVE-2001-0970

Cross-site scripting vulnerability in TDForum 1.2 CGI script tdforum12.cgi allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script...

CVE-2001-0991

Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and earlier allows remote attackers to execute arbitrary script on other clients via an incorrect URL containing the malicious script, which is printed back in an error message...

PHPLib Team PHPLIB 7.2 - Remote Script Execution

source: https://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be...

PHPLib Team PHPLIB 7.2 - Remote Script Execution

PHPLib Team PHPLIB 7.2 - Remote Script Execution source: https://www.securityfocus.com/bid/3079/info The PHP Base Library'PHPLIB' is a code library which provides support for session management in web applications. It is targeted to developers and is widely used in many web applications, so a...

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets XSL that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host WSH...

SWSoft ASPSeek 1.0 - s.cgi Remote Buffer Overflow

SWSoft ASPSeek 1.0 - s.cgi Remote Buffer Overflow source: https://www.securityfocus.com/bid/2492/info A buffer overflow in ASPSeek versions 1.0.0 through to 1.0.3 allows for arbitrary code execution with the privileges of the web server. The vulnerable script is s.cgi and the buffer overflow can ...

CVE-1999-0488

Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability...