Lucene search
+L

233 matches found

Exploit DB
Exploit DB
added 2004/09/20 12:0 a.m.28 views

Mambo Open Source 4.5.1 (1.0.9) - Cross-Site Scripting

source: https://www.securityfocus.com/bid/11220/info Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate user-supplied URI parameters. An attacker may leverage these issues to execute...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/01 12:0 a.m.21 views

phpScheduleIt 1.0.0 RC1 Multiple XSS

According to its banner, the version of phpScheduleIt on the remote host is earlier than 1.0.0. Such versions are vulnerable to HTML injection issues. For example, an attacker may add malicious HTML and JavaScript code in a schedule page if he has the right to edit the 'Schedule Name' field. This...

4.3CVSS5.6AI score0.01338EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2004/07/07 12:0 a.m.43 views

php -- strip_tags cross-site scripting vulnerability

Stefan Esser of e-matters discovered that PHP's striptags function would ignore certain characters during parsing of tags, allowing these tags to pass through. Select browsers could then parse these tags, possibly allowing cross-site scripting attacks...

6.8CVSS6AI score0.45159EPSS
Exploits3References2
Exploit DB
Exploit DB
added 2004/04/26 12:0 a.m.53 views

OpenBB 1.0.x - 'index.php?redirect' Cross-Site Scripting

source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may allow a remote attacker to...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/03/24 12:0 a.m.30 views

Apache mod_survey crossite scripting

No description provided...

1.6AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2004/03/11 12:0 a.m.15 views

Pegasi Web Server 0.2.2 - Arbitrary File Access

Pegasi Web Server 0.2.2 - Arbitrary File Access source: https://www.securityfocus.com/bid/9847/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-site scriptin...

Exploits0
exploitpack
exploitpack
added 2004/01/23 12:0 a.m.13 views

Novell Netware Enterprise Web Server 5.16.0 SnoopServlet - Information Disclosure

Novell Netware Enterprise Web Server 5.16.0 SnoopServlet - Information Disclosure source: https://www.securityfocus.com/bid/9479/info Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclos...

Exploits0
exploitpack
exploitpack
added 2004/01/23 12:0 a.m.15 views

Novell Netware Enterprise Web Server 5.16.0 - snoop.jsp Information Disclosure

Novell Netware Enterprise Web Server 5.16.0 - snoop.jsp Information Disclosure source: https://www.securityfocus.com/bid/9479/info Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclose...

Exploits0
NVD
NVD
added 2004/01/05 5:0 a.m.19 views

CVE-2003-0981

FreeScripts VisitorBook LE visitorbook.pl logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting XSS attacks...

6.1CVSS6AI score0.00383EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/12/11 5:0 a.m.21 views

CVE-2003-0981

FreeScripts VisitorBook LE visitorbook.pl logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting XSS attacks...

6AI score0.00383EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2003/03/30 12:0 a.m.22 views

Beanwebb's Guestbook 1.0 Multiple Vulnerabilities

The remote host is running Beanwebb's Guestbook. This set of CGIs has two vulnerabilities : - Anyone can access the admin page admin.php - It is vulnerable to cross-site scripting attacks in add.php An attacker may use these flaws to steal the cookies of your users or to inject fake information i...

5.1AI score
Exploits0References1
NVD
NVD
added 2002/10/04 4:0 a.m.20 views

CVE-2002-0837

wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to 1 execute arbitrary code or 2 conduct cross-site scripting attacks via certain parameters possibly "dict" to the wordtrans.php script...

7.5CVSS6.9AI score0.03471EPSS
Exploits0References7
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.19 views

Kerio MailServer 5.05.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities

Kerio MailServer 5.05.1 Web Mail - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/5507/info Reportedly, Kerio Mailserver is vulnerable to cross site scripting attacks. The vulnerability is present in Kerio Mailserver's web mail component. An attacker may...

0.2AI score
Exploits0
Rows per page
Query Builder