863 matches found
CVE-2004-2568
Multiple cross-site scripting XSS vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 user id, 2 recipe id, 3 category id, and 4 other ID number fields...
CVE-2004-2241
Cross-site scripting XSS vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendor's patch...
CVE-2004-1075
Cross-site scripting XSS vulnerability in standarderrormessage.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which is not properly cleansed when generating an error message...
CVE-2004-0301
Cross-site scripting XSS vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter...
CVE-2002-1494
The CVE-2002-1494 entry describes a Cross-site Scripting (XSS) vulnerability in Aestiva HTML/OS. The root cause is that an attacker can insert arbitrary HTML or script by placing the script after a trailing / character, causing the script to appear in error messages generated by the application. ...
Seyeon Technology FlexWATCH Server 2.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/9739/info It has been reported that FlexWATCH may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. These issues have been reported to exist in FlexWATCH version...
CVE-2003-1243
Cross-site scripting vulnerability XSS in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter...
RNN's Guestbook 1.2 Multiple Vulnerabilities
RNN's Guestbook 1.2 Multiple Vulnerabilies Discovered by Chris Rahm aka: BrainRawt brainrawt at haxworx.com Vulnerabilities: Remote Command Execution Administrative Access Information Disclosure Reading of Files Arbitrary HTML Insertion/Script Injection Plain Text Administrative Password Remote:...
[NT] PostMaster Cross Site Scripting Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
[UNIX] MPM Guestbook Multiple Vulnerabilities (CSS, Path Disclosure)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
SPAIZ-NUKE v1.1 XSS bug
Привет. Вот описание уязвимости в SPAIZ-NUKE 1.1 Advisory9 RusH security team | http://www.rsteam.net Product: SPAIZ-NUKE v1.1 Author: sPaiZ-Nuke Group http://www.spaiz-nuke.net/ [email protected] Vuln: XSS Bug found: 14.09.2003 by 1dt.w0lf Уязвимость: Spaiz-Nuke это движек для сайта постр...
CVE-2003-0602
Multiple cross-site scripting vulnerabilities XSS in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via 1 multiple default German and Russian HTML templates or 2 ALT and NAME attributes in AREA tags as used by the GraphViz grap...
CVE-2003-0504
Multiple cross-site scripting XSS vulnerabilities in Phpgroupware 0.9.14.003 aka webdistro allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module...
Macromedia Dreamweaver MX 6.0 - PHP User Authentication Suite Cross-Site Scripting
source: https://www.securityfocus.com/bid/8339/info It is possible to create an authentication or access control page, using Dreamweaver MX PHP Authentication Suite. This script will generate an error page that contains dynamic content when a user fails to authenticate correctly to the site. A...
CVE-2003-0404
Multiple Cross Site Scripting XSS vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template...
CVE-2003-0375
Cross-site scripting XSS vulnerability in member.php of XMBforum XMB 1.8.x aka Partagium allows remote attackers to insert arbitrary HTML and web script via the "member" parameter...
Proxy Web Server XSS
The remote host is running a proxy web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. C...
CVE-2002-1526
Cross-site scripting XSS vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field...
CVE-2002-1533
Cross-site scripting XSS vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters %0a...
CVE-2002-1464
Cross-site scripting XSS vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable...