Lucene search
K

106 matches found

Packet Storm
Packet Storm
added 2009/05/13 12:0 a.m.26 views

FormMail 1.92 XSS / HTTP Response Splitting

FormMail 1.92 Multiple Vulnerabilities Name Multiple Vulnerabilities in FormMail Systems Affected FormMail 1.92 and possibly earlier versions Severity Medium Impact CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Vendor http://www.scriptarchive.com/formmail.html Advisory...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/05/12 12:0 a.m.52 views

FormMail 1.92 Multiple Vulnerabilities

FormMail 1.92 Multiple Vulnerabilities Name Multiple Vulnerabilities in FormMail Systems Affected FormMail 1.92 and possibly earlier versions Severity Medium Impact CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Vendor http://www.scriptarchive.com/formmail.html Advisory...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/29 12:0 a.m.23 views

google-utf7xss.txt

XSS with UTF-7 in Google XSS with UTF-7 was found in www.google.com already fixed. Although charset was specified in HTTP response header, but charset-name was incorrect so XSS occurred. PoC: http://www.google.com/search?hl=en&oe=cp932&q=%2BADw-script%2BAD4-alert...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/04/19 12:0 a.m.21 views

GLSA-200704-08 : DokuWiki: XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200704-08 DokuWiki: XSS vulnerability DokuWiki does not sanitize user input to the GET variable 'media' in the fetch.php file. Impact : An attacker could entice a user to click a specially crafted link and inject CRLF characters...

4.3CVSS5.9AI score0.01321EPSS
Exploits0References2
NVD
NVD
added 2005/09/08 10:3 a.m.15 views

CVE-2005-2860

Cross-site scripting XSS vulnerability in Nikto 1.35 and earlier allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report...

4.3CVSS5.7AI score0.01298EPSS
Exploits1References4
OSV
OSV
added 2005/09/08 10:3 a.m.8 views

CVE-2005-2860

Cross-site scripting XSS vulnerability in Nikto 1.35 and earlier allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report...

5.9AI score
Exploits0References8
Rows per page
Query Builder