CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

6682 matches found

exploitpack•added 2002/09/26 12:0 a.m.•21 views

PostNuke 0.72 - modules.php Cross-Site Scripting

PostNuke 0.72 - modules.php Cross-Site Scripting source: https://www.securityfocus.com/bid/5809/info A cross site scripting vulnerability has been reported for PostNuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and...

exploitpack•added 2002/09/25 12:0 a.m.•16 views

Drupal 4.0 - News Message HTML Injection

Drupal 4.0 - News Message HTML Injection source: https://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when...

exploitpack•added 2002/09/25 12:0 a.m.•26 views

DaCode 1.2 - News Message HTML Injection

DaCode 1.2 - News Message HTML Injection source: https://www.securityfocus.com/bid/5798/info Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client. DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when ...

Exploit DB•added 2002/09/25 12:0 a.m.•30 views

PHP-Nuke 6.0 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contai...

exploitpack•added 2002/09/25 12:0 a.m.•15 views

NPDS 4.8 - News Message HTML Injection

NPDS 4.8 - News Message HTML Injection source: https://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user...

Exploit DB•added 2002/09/25 12:0 a.m.•29 views

NPDS 4.8 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains...

Exploit DB•added 2002/09/25 12:0 a.m.•32 views

phpWebSite 0.8.3 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5802/info Problems with phpWebSite could make it possible to execute arbitrary script code in a vulnerable client. phpWebSite does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that...

Exploit DB•added 2002/09/25 12:0 a.m.•31 views

DaCode 1.2 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5798/info Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client. DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains...

Exploit DB•added 2002/09/25 12:0 a.m.•23 views

ACWeb 1.14/1.8 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/5793/info acWEB is prone to cross-site scripting attacks. It is possible to construct a malicious link to the web server which contains arbitrary script code. When the link is visited, the script code will be executed in the web client of the user visitin...

Exploit DB•added 2002/09/25 12:0 a.m.•37 views

Drupal 4.0 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contain...

Cvelist•added 2002/09/24 4:0 a.m.•17 views

CVE-2002-1131

Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via 1 addressbook.php, 2 options.php, 3 search.php, or 4 help.php...

6.6AI score0.02841EPSS

Exploits2References6

NVD•added 2002/09/24 4:0 a.m.•18 views

CVE-2002-0691

Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189...

7.5CVSS6.2AI score0.15058EPSS

Exploits1References3

NVD•added 2002/09/24 4:0 a.m.•9 views

CVE-2002-0989

The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link...

7.5CVSS7.2AI score0.0495EPSS

Exploits1References15

Exploit DB•added 2002/09/24 12:0 a.m.•34 views

XOOPS 1.0 RC3 - HTML Injection

source: https://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user views a message posting that...

exploitpack•added 2002/09/24 12:0 a.m.•21 views

XOOPS 1.0 RC3 - HTML Injection

XOOPS 1.0 RC3 - HTML Injection source: https://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user...

exploitpack•added 2002/09/23 12:0 a.m.•17 views

HP Compaq Insight Manager - Web Interface Cross-Site Scripting

HP Compaq Insight Manager - Web Interface Cross-Site Scripting source: https://www.securityfocus.com/bid/5780/info It has been reported that the Compaq Insight Manager web interface is prone to cross-site scripting attacks. It is possible to construct a malicious link to a Compaq Insight Manager...

Exploit DB•added 2002/09/09 12:0 a.m.•29 views

phpGB 1.1 - HTML Injection

source: https://www.securityfocus.com/bid/5676/info phpGB is subject to HTML injection attacks. phpGB fails to check for the presence of HTML tags when generating guestbook entries. It is reported that an attacker may inject HTML and script code into guestbook entries, which will be executed in t...

exploitpack•added 2002/09/09 12:0 a.m.•10 views

Microsoft Internet Explorer 5 - IFrameFrame Cross-SiteZone Script Execution

Microsoft Internet Explorer 5 - IFrameFrame Cross-SiteZone Script Execution source: https://www.securityfocus.com/bid/5672/info When a Microsoft Internet Explorer MSIE window opens another window, security checks should prevent the parent from accessing the child if the latter is of another domai...

Exploit DB•added 2002/09/09 12:0 a.m.•26 views

Microsoft Internet Explorer 5 - IFrame/Frame Cross-Site/Zone Script Execution

source: https://www.securityfocus.com/bid/5672/info When a Microsoft Internet Explorer MSIE window opens another window, security checks should prevent the parent from accessing the child if the latter is of another domain or Security Zone. It has been reported that such checks fails to occur...

NVD•added 2002/09/05 4:0 a.m.•17 views

CVE-2002-0855

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the 1 adminpw or 2 info parameters to the ml-name feature...

7.5CVSS6.5AI score0.41037EPSS

Exploits1References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by