CVE-2002-1494

The CVE-2002-1494 entry describes a Cross-site Scripting (XSS) vulnerability in Aestiva HTML/OS. The root cause is that an attacker can insert arbitrary HTML or script by placing the script after a trailing / character, causing the script to appear in error messages generated by the application. ...

Seyeon Technology FlexWATCH Server 2.2 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/9739/info It has been reported that FlexWATCH may be prone to a cross-site scripting vulnerability that may allow a remote attacker to execute arbitrary HTML or script code in a user's browser. These issues have been reported to exist in FlexWATCH version...

CVE-2003-1243

Cross-site scripting vulnerability XSS in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter...

RNN's Guestbook 1.2 Multiple Vulnerabilities

RNN's Guestbook 1.2 Multiple Vulnerabilies Discovered by Chris Rahm aka: BrainRawt brainrawt at haxworx.com Vulnerabilities: Remote Command Execution Administrative Access Information Disclosure Reading of Files Arbitrary HTML Insertion/Script Injection Plain Text Administrative Password Remote:...

[NT] PostMaster Cross Site Scripting Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

[UNIX] MPM Guestbook Multiple Vulnerabilities (CSS, Path Disclosure)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

SPAIZ-NUKE v1.1 XSS bug

Привет. Вот описание уязвимости в SPAIZ-NUKE 1.1 Advisory9 RusH security team | http://www.rsteam.net Product: SPAIZ-NUKE v1.1 Author: sPaiZ-Nuke Group http://www.spaiz-nuke.net/ [email protected] Vuln: XSS Bug found: 14.09.2003 by 1dt.w0lf Уязвимость: Spaiz-Nuke это движек для сайта постр...

CVE-2003-0602

Multiple cross-site scripting vulnerabilities XSS in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via 1 multiple default German and Russian HTML templates or 2 ALT and NAME attributes in AREA tags as used by the GraphViz grap...

CVE-2003-0504

Multiple cross-site scripting XSS vulnerabilities in Phpgroupware 0.9.14.003 aka webdistro allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module...

Macromedia Dreamweaver MX 6.0 - PHP User Authentication Suite Cross-Site Scripting

source: https://www.securityfocus.com/bid/8339/info It is possible to create an authentication or access control page, using Dreamweaver MX PHP Authentication Suite. This script will generate an error page that contains dynamic content when a user fails to authenticate correctly to the site. A...

CVE-2003-0404

Multiple Cross Site Scripting XSS vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template...

CVE-2003-0375

Cross-site scripting XSS vulnerability in member.php of XMBforum XMB 1.8.x aka Partagium allows remote attackers to insert arbitrary HTML and web script via the "member" parameter...

Proxy Web Server XSS

The remote host is running a proxy web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. C...

CVE-2002-1526

Cross-site scripting XSS vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field...

CVE-2002-1533

Cross-site scripting XSS vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters %0a...

CVE-2002-1464

Cross-site scripting XSS vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable...

CVE-2002-1195

Cross-site scripting vulnerability XSS in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page...

CVE-2002-0739

Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page...

W3C CERN HTTPd 3.0 Proxy - Cross-Site Scripting

W3C CERN HTTPd 3.0 Proxy - Cross-Site Scripting source: https://www.securityfocus.com/bid/5447/info CERN httpd is a freely available HTTP server and HTTP proxy server available from the W3C. The httpd Proxy is vulnerable to a cross site scripting attack. The condition is present because of the wa...