Lucene search
K

6892 matches found

NVD
NVD
added 2004/12/31 5:0 a.m.21 views

CVE-2004-2211

Cross-site scripting XSS vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the 1 forumid, 2 method, or 3 forumtitle parameters to post.asp, 4 the forumtitle parameter to forum.asp, or 5 the id parameter to post.asp...

4.3CVSS5.6AI score0.01382EPSS
Exploits1References6
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-1845

Multiple cross-site scripting XSS vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the 1 email parameter to commentadd.asp, 2 search parameter to search.asp, or 3 n parameter to categorynewsheadline.asp...

4.3CVSS5.8AI score0.02162EPSS
Exploits1References8
NVD
NVD
added 2004/12/31 5:0 a.m.11 views

CVE-2004-1867

Cross-site scripting XSS vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to inject arbitrary web script or HTML via the Name field...

4.3CVSS5.7AI score0.01733EPSS
Exploits1References3
NVD
NVD
added 2004/12/31 5:0 a.m.9 views

CVE-2004-1499

Cross-site scripting XSS vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field...

4.3CVSS6.1AI score0.0181EPSS
Exploits1References5
NVD
NVD
added 2004/12/31 5:0 a.m.16 views

CVE-2004-2508

Cross-site scripting XSS vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the nextfile parameter...

4.3CVSS5.7AI score0.01736EPSS
Exploits1References5
NVD
NVD
added 2004/12/31 5:0 a.m.11 views

CVE-2004-2528

Cross-site scripting XSS vulnerability in sresult.exe in Webcam Watchdog 4.0.1a allows remote attackers to inject arbitrary web script or HTML via the cam parameter...

4.3CVSS5.7AI score0.03879EPSS
Exploits1References6
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2475

Cross-site scripting XSS vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it i...

4.3CVSS5.7AI score0.03213EPSS
Exploits1References7
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2334

Multiple cross-site scripting XSS vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via 1 a hex-encoded value to the variable parameter in emumail.fcgi, 2 the folder parameter in emumail.fcgi, or Javascript in the 3 username or 4 password field in...

4.3CVSS6AI score0.04775EPSS
Exploits1References9
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2550

Multiple cross-site scripting XSS vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data...

4.3CVSS5.9AI score0.01208EPSS
Exploits0References5
NVD
NVD
added 2004/12/31 5:0 a.m.33 views

CVE-2004-2351

Cross-site scripting XSS vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including 1 name, 2 email, 3 city, and 4 message, which do not use the and tags, which are filtered by PHP-Nuke...

4.3CVSS5.8AI score0.01255EPSS
Exploits1References4
NVD
NVD
added 2004/12/31 5:0 a.m.11 views

CVE-2004-2670

Multiple cross-site scripting XSS vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via 1 the mod parameter in a viewcat operation or 2 the query parameter in a search operation in the publisher module...

6.8CVSS5.8AI score0.0207EPSS
Exploits1References7
Cvelist
Cvelist
added 2004/12/15 5:0 a.m.17 views

CVE-2004-1197

Cross-site scripting XSS vulnerability in inshop.pl in Insite inShop allows remote attackers to inject arbitrary web script or HTML via the screen parameter...

5.7AI score0.01475EPSS
Exploits1References4
NVD
NVD
added 2004/10/13 4:0 a.m.15 views

CVE-2004-1594

Cross-site scripting XSS vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag...

4.3CVSS6.2AI score0.0127EPSS
Exploits1References4
NVD
NVD
added 2004/09/18 4:0 a.m.11 views

CVE-2004-1692

Cross-site scripting XSS vulnerability in index.php in Mambo 4.5 1.0.9 allows remote attackers to inject arbitrary web script or HTML via the 1 Itemid, 2 mosmsg, or 3 limit parameters...

4.3CVSS5.7AI score0.01793EPSS
Exploits1References5
NVD
NVD
added 2004/08/06 4:0 a.m.12 views

CVE-2004-0673

Cross-site scripting XSS vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message...

6.8CVSS6.2AI score0.01978EPSS
Exploits1References3
Cvelist
Cvelist
added 2004/07/13 4:0 a.m.19 views

CVE-2004-0675

Cross-site scripting XSS vulnerability in 1 cart32.exe or 2 c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command...

6.2AI score0.04243EPSS
Exploits1References4
NVD
NVD
added 2004/04/25 4:0 a.m.12 views

CVE-2004-1965

Multiple cross-site scripting XSS vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 redirect parameter to member.php, 2 to parameter to myhome.php 3 TID parameter to post.php, or 4 redirect parameter to index.p...

4.3CVSS5.8AI score0.08442EPSS
Exploits3References5
NVD
NVD
added 2004/03/30 5:0 a.m.15 views

CVE-2004-1875

Multiple cross-site scripting XSS vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the 1 email parameter to testfile.html, 2 file parameter to erredit.html, 3 dns parameter to dnslook.html, 4 account parameter to ignorelist.html, 5 account...

9.3CVSS5.8AI score0.0456EPSS
Exploits0References18
NVD
NVD
added 2004/03/29 5:0 a.m.13 views

CVE-2004-1871

Multiple cross-site scripting XSS vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 ppuser, 2 password, 3 stype, 4 perpage, 5 sort, 6 page, 7 si, or 8 cat parameters to showmembers.php, or the 9 photo name, 10 photo...

4.3CVSS5.9AI score0.01976EPSS
Exploits3References6
Cvelist
Cvelist
added 2004/03/18 5:0 a.m.18 views

CVE-2004-0271

Multiple cross-site scripting vulnerabilities XSS in MaxWebPortal allow remote attackers to execute arbitrary web script as other users via 1 the subname parameter of dlshowall.asp, 2 the SendTo parameter in Personal Messages, 3 the HTTPREFERER for down.asp, or 4 the image name of an Avatar in th...

6.3AI score0.02111EPSS
Exploits1References4
Rows per page
Query Builder