Lucene search
K

111 matches found

Prion
Prion
added 2012/02/08 12:55 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 XWiki.XWikiCommentscomment parameter to xwiki/bin/commentadd/Main/WebHome, 2 XWiki.XWikiUsers0company parameter when editing a user profile, or 3...

4.3CVSS6AI score0.01194EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2011/07/08 10:55 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ajaxmember.php in 6kbbs 8.0 build 20100901 allow remote attackers to inject arbitrary web script or HTML via the 1 usermsn, 2 useremail, and 3 userphone parameters in a modifyDetails action...

4.3CVSS6AI score0.01042EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2009/06/19 6:0 p.m.2 views

CVE-2009-2133

Multiple cross-site scripting XSS vulnerabilities in Pivot 1.40.4 and 1.40.7 allow remote attackers to inject arbitrary web script or HTML via the 1 menu or 2 sort parameter to pivot/index.php, 3 the value of a check array parameter in a delete action to pivot/index.php, 4 the element name in a...

4.3CVSS5.4AI score0.04089EPSS
Exploits1References10
Prion
Prion
added 2009/05/22 6:30 p.m.14 views

Authentication flaw

index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote attackers to create or modify admin accounts via the 1 usersfullname, 2 usersemail, 3 usersroleid, 4 usersusername, and 5 userspassword parameters...

7.5CVSS7.5AI score0.02463EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2006/04/26 8:0 p.m.21 views

CVE-2006-2048

Multiple cross-site scripting XSS vulnerabilities in index.php in Edwin van Wijk phpWebFTP 2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 port, 2 server, and 3 user parameters. NOTE: it is possible that the affected version is actually 3.2...

5.8AI score0.02093EPSS
Exploits1References8
Cvelist
Cvelist
added 2005/03/07 5:0 a.m.16 views

CVE-2005-0673

Cross-site scripting XSS vulnerability in usercpregister.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the 1 allowhtml, 2 allowbbcode, or 3 allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are process...

5.7AI score0.01896EPSS
Exploits0References3
NVD
NVD
added 2005/03/01 5:0 a.m.24 views

CVE-2005-0629

Multiple cross-site scripting XSS vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 user or 2 Avatar parameters...

4.3CVSS5.8AI score0.02127EPSS
Exploits0References6
NVD
NVD
added 2004/03/26 5:0 a.m.21 views

CVE-2004-1862

Multiple cross-site scripting XSS vulnerabilities in Extreme Messageboard XMB 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the 1 xmbuser parameter to xmb.php, 2 folder parameter to u2u.php, 3 viewmost, replymost, or latest parameter to stats.php, 4 messag...

4.3CVSS5.8AI score0.02512EPSS
Exploits0References10
exploitpack
exploitpack
added 2004/03/23 12:0 a.m.11 views

Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections

Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections source: https://www.securityfocus.com/bid/9944/info It has been reported that Invision Gallery may be prone to multiple sql injection vulnerabilities, allowing an attacker to influence SQL query logic. The issues exist due t...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/01 12:0 a.m.34 views

PHP-Nuke Splatt Forum 4.0 Module - Cross-Site Scripting

source: https://www.securityfocus.com/bid/7483/info Splatt Forum is a public message board plugin designed to be used with PHPNuke. It has been reported that Splatt Forum does not sufficiently filter user supplied URI parameters for the Splatt Forum 'Search' function. As a result of this...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/03/18 12:0 a.m.9 views

Mambo Site Server 4.0.10 - index.php Cross-Site Scripting

Mambo Site Server 4.0.10 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/7135/info Mambo Site Server has been reported prone to a cross-site scripting vulnerability. It has been reported that certain user supplied URI parameters are not sufficiently sanitized by the Mam...

6.8AI score
Exploits0
Rows per page
Query Builder