Lucene search
+L

9787 matches found

NVD
NVD
added 2005/05/02 4:0 a.m.21 views

CVE-2005-1309

Cross-site scripting XSS vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the 1 entry title field or 2 comment body text...

4.3CVSS5AI score0.0125EPSS
Exploits1References4
NVD
NVD
added 2005/05/02 4:0 a.m.18 views

CVE-2005-0863

Cross-site scripting XSS vulnerability in PHPOpenChat v3.x allows remote attackers to inject arbitrary web script or HTML via 1 the chatter parameter to regulars.php or 2 the chatter, chatter1, chatter2, chatter3, or chatter4 parameters to register.php...

4.3CVSS5.7AI score0.01703EPSS
Exploits0References4
NVD
NVD
added 2005/05/02 4:0 a.m.18 views

CVE-2005-1030

Multiple cross-site scripting XSS vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the 1 ReturnURL, 2 password, 3 username parameter, 4 ReturnURL parameter to account.asp, 5 Table, 6 Title parameter to sendpassword.asp, or 7 itemid to...

4.3CVSS5.8AI score0.0509EPSS
Exploits1References12
NVD
NVD
added 2005/05/02 4:0 a.m.19 views

CVE-2005-1189

Cross-site scripting XSS vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attackers to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites...

4.3CVSS5.7AI score0.01164EPSS
Exploits0References3
NVD
NVD
added 2005/05/02 4:0 a.m.14 views

CVE-2005-1016

Cross-site scripting XSS vulnerability in linksaddform.asp for MaxWebPortal 1.33 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URL in a banner URL...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References5
NVD
NVD
added 2005/05/02 4:0 a.m.23 views

CVE-2005-1162

Multiple cross-site scripting XSS vulnerabilities in OneWorldStore allow remote attackers to inject arbitrary web script or HTML via the 1 sEmail parameter to owContactUs.asp, 2 bSub parameter to owListProduct.asp, or the 3 Name, 4 Email, or 5 Comment fields in owProductDetail.asp...

5.8CVSS5.8AI score0.05565EPSS
Exploits1References11
NVD
NVD
added 2005/05/02 4:0 a.m.17 views

CVE-2005-1313

Cross-site scripting XSS vulnerability in Horde Passwd module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title...

4.3CVSS5.7AI score0.01195EPSS
Exploits0References3
NVD
NVD
added 2005/05/02 4:0 a.m.16 views

CVE-2005-0981

Multiple cross-site scripting XSS vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 payment or 2 send parameter...

4.3CVSS5.8AI score0.01754EPSS
Exploits1References3
NVD
NVD
added 2005/05/02 4:0 a.m.15 views

CVE-2005-0934

Multiple cross-site scripting XSS vulnerabilities in WackoWiki R4 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.8AI score0.00938EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/04/28 4:0 a.m.21 views

CVE-2005-1356

Cross-site scripting XSS vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument...

5.7AI score0.00948EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/04/27 4:0 a.m.23 views

CVE-2005-1309

Cross-site scripting XSS vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the 1 entry title field or 2 comment body text...

5AI score0.0125EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/04/26 4:0 a.m.23 views

CVE-2005-1292

Multiple cross-site scripting XSS vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to 1 tellAFriend.asp or 2 addToWishlist.asp, redirect parameter to 3 access.asp or 4 login.asp, message parameter to 5 login.asp or 6...

5.8AI score0.01774EPSS
Exploits1References9
Cvelist
Cvelist
added 2005/04/26 4:0 a.m.23 views

CVE-2005-1285

Cross-site scripting XSS vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter...

5.7AI score0.02EPSS
Exploits1References4
FreeBSD
FreeBSD
added 2005/04/20 12:0 a.m.24 views

egroupware -- multiple cross-site scripting (XSS) and SQL injection vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the 1 abid, 2 page, 3 type, or 4 lang parameter to index.php or 5 categoryid parameter. Multiple SQL injection vulnerabilities in index.php in...

7.5CVSS7.2AI score0.03202EPSS
Exploits2References1
Cvelist
Cvelist
added 2005/04/19 4:0 a.m.19 views

CVE-2005-1189

Cross-site scripting XSS vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attackers to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites...

5.7AI score0.01164EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/04/18 4:0 a.m.25 views

CVE-2005-1172

Cross-site scripting XSS vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter...

5.6AI score0.01177EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/04/16 4:0 a.m.29 views

CVE-2005-1116

Cross-site scripting XSS vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendarscheduler.php...

5.8AI score0.00963EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/04/16 4:0 a.m.19 views

CVE-2005-1130

Cross-site scripting XSS vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter...

5.7AI score0.01736EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/04/14 4:0 a.m.22 views

CVE-2004-0534

Cross-site scripting XSS vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document...

5.7AI score0.01177EPSS
Exploits0References5
NVD
NVD
added 2005/04/12 4:0 a.m.17 views

CVE-2005-1145

NOTE: this issue has been disputed by the vendor. Cross-site scripting XSS vulnerability in calendar.pl in CalendarScript 3.20 allows remote attackers to inject arbitrary web script or HTML via the template parameter, a different vulnerability than CVE-2005-1146...

4.3CVSS5.6AI score0.01195EPSS
Exploits0References3
Rows per page
Query Builder