2 matches found
CVE-2003-0416
Cross-site scripting XSS vulnerability in index.cgi for Bandmin 1.4 allows remote attackers to insert arbitrary HTML or script via 1 the year parameter in a showmonth action, 2 the month parameter in a showmonth action, or 3 the host parameter in a showhost action...
CVE-2003-0416
CVE-2003-0416 affects Bandmin 1.4: the index.cgi component is vulnerable to cross-site scripting via (1) year or (2) month in showmonth, or (3) host in showhost. Root cause is improper handling of user-supplied input leading to arbitrary HTML/script insertion. Impact: potential theft of cookies o...