9787 matches found
CVE-2004-1442
Cross-site scripting XSS vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E."...
CVE-2005-0341
Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting XSS attacks...
CVE-2005-0317
Cross-site scripting XSS vulnerability in usereditaccount.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter...
CVE-2005-0216
Cross-site scripting XSS vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter...
CVE-2004-1177
Cross-site scripting XSS vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page...
CVE-2004-1177
Cross-site scripting XSS vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page...
CVE-2004-1133
Multiple cross-site scripting XSS vulnerabilities in Microsoft W3Who ISAPI w3who.dll allow remote attackers to inject arbitrary HTML and web script via 1 HTTP headers such as "Connection" or 2 invalid parameters whose values are echoed in the resulting error message...
CVE-2004-1130
Cross-site scripting XSS vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as 1 username, 2 name, or 3 comments...
CVE-2004-1319
The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...
CVE-2004-1499
Cross-site scripting XSS vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field...
CVE-2004-1845
Multiple cross-site scripting XSS vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the 1 email parameter to commentadd.asp, 2 search parameter to search.asp, or 3 n parameter to categorynewsheadline.asp...
CVE-2004-2211
Cross-site scripting XSS vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the 1 forumid, 2 method, or 3 forumtitle parameters to post.asp, 4 the forumtitle parameter to forum.asp, or 5 the id parameter to post.asp...
CVE-2004-2670
Multiple cross-site scripting XSS vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via 1 the mod parameter in a viewcat operation or 2 the query parameter in a search operation in the publisher module...
CVE-2004-2188
Cross-site scripting XSS vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2004-1529
Cross-site scripting XSS vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the 1 type, 2 day, 3 month, or 4 year parameters in a Preview operation, or 5 event comments...
CVE-2004-2334
Multiple cross-site scripting XSS vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via 1 a hex-encoded value to the variable parameter in emumail.fcgi, 2 the folder parameter in emumail.fcgi, or Javascript in the 3 username or 4 password field in...
CVE-2004-2528
Cross-site scripting XSS vulnerability in sresult.exe in Webcam Watchdog 4.0.1a allows remote attackers to inject arbitrary web script or HTML via the cam parameter...
CVE-2004-2351
Cross-site scripting XSS vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including 1 name, 2 email, 3 city, and 4 message, which do not use the and tags, which are filtered by PHP-Nuke...
CVE-2004-1867
Cross-site scripting XSS vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to inject arbitrary web script or HTML via the Name field...
CVE-2004-2508
Cross-site scripting XSS vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the nextfile parameter...