CVE-2002-0189

Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability...

CVE-2002-0205

Cross-site scripting CSS vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter...

CVE-2002-0238

Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script...

CVE-2001-1248

vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character %20...

CVE-2002-0205

Cross-site scripting CSS vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter...

CVE-2002-0242

Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed...

CVE-2002-0242

The CVE-2002-0242 entry concerns Internet Explorer 6 and describes a cross-site scripting vulnerability where output from a remote server via an Extended HTML Form is not properly cleansed, allowing remote script execution. Affected component: Internet Explorer 6 (Extended HTML Form handling). Ro...

CVE-2002-0205

The CVE-2002-0205 entry describes a cross‑site scripting (XSS) flaw in Plumtree Corporate Portal 3.5–4.5, where an attacker could inject arbitrary script via the Description parameter in error.asp, potentially affecting other clients. The affected product/component is Plumtree Corporate Portal (e...

CVE-2002-0316

Cross-site scripting vulnerability in eXtreme message board XMB 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag...

CVE-2002-0075

Cross-site scripting vulnerability for Internet Information Server IIS 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect ""302 Object Moved" message...

CVE-2002-1640

Multiple cross-site scripting XSS vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via 1 Text Features in the DHTML UI or 2 the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...

CVE-2002-0117

Cross-site scripting vulnerability in Yet Another Bulletin Board YaBB 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...

CVE-2002-0118

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...

CVE-2002-0118

The CVE-2002-0118 entry concerns Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0, where a cross‑site scripting (XSS) vulnerability exists. According to the description, remote attackers can execute arbitrary script and steal cookies by sending a message containing encoded Javascript ...

CVE-2001-1524

Cross-site scripting XSS vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 uname parameter in user.php, 2 ttitle, letter and file parameters in modules.php, 3 subject, story and storyext parameters in submit.php, 4 upload paramete...

PT-2001-2334 · Agora · Agora

Name of the Vulnerable Software and Affected Versions: Agora versions 3.0a through 4.0g Description: The issue allows remote attackers to execute Javascript on other clients via the cart id parameter in agora.cgi when debug mode is enabled. This occurs because of a cross-site scripting issue...

CVE-2001-0712

The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text .txt, JPEG .jpg, et...

CVE-2001-0999

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script...

CVE-2001-0970

Cross-site scripting vulnerability in TDForum 1.2 CGI script tdforum12.cgi allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script...

CVE-2001-0991

Cross-site scripting vulnerability in Proxomitron Naoko-4 BetaFour and earlier allows remote attackers to execute arbitrary script on other clients via an incorrect URL containing the malicious script, which is printed back in an error message...