1930 matches found
ASP.NET crossite scripting protection bypass
It's possible to insert null character after tag opening...
CVE-2003-0615
Cross-site scripting XSS vulnerability in startform of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter...
Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
Exploit for linux platform in category remote exploits ==================================================== Gopherd root 1 Dec 31 23:59 " to exploit this, there needs to be...
CVE-2003-0483
Cross-site scripting XSS vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via 1 the member parameter to member.php or 2 the action parameter to buddy.php...
CVE-2003-0481
Multiple cross-site scripting XSS vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to fileselect.php...
CVE-2003-0488
Multiple cross-site scripting XSS vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via 1 the addname parameter in the addacl module, or 2 the alias parameter in the domap module...
CVE-2003-0504
Multiple cross-site scripting XSS vulnerabilities in Phpgroupware 0.9.14.003 aka webdistro allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module...
CVE-2003-0446
Cross-site scripting XSS in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message...
CVE-2003-0442
Cross-site scripting XSS vulnerability in the transparent SID support capability for PHP before 4.3.2 session.usetranssid allows remote attackers to insert arbitrary script via the PHPSESSID parameter...
CVE-2003-0484
Cross-site scripting XSS vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topicid parameter...
CVE-2003-0495
Cross-site scripting XSS vulnerability in LedNews 0.7 allows remote attackers to insert arbitrary web script via a news item...
CVE-2003-0483
The CVE-2003-0483 entry concerns XMB Forum 1.8 Partagium, where the member.php and buddy.php scripts are vulnerable to cross-site scripting (XSS). The underlying issue is that user-controlled inputs to the member parameter and the action parameter can be used to inject arbitrary script, enabling ...
CVE-2003-0481
Multiple cross-site scripting XSS vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to fileselect.php...
CVE-2003-0483
Cross-site scripting XSS vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via 1 the member parameter to member.php or 2 the action parameter to buddy.php...
CVE-2003-0310
Cross-site scripting XSS vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script...
CVE-2003-0416
Cross-site scripting XSS vulnerability in index.cgi for Bandmin 1.4 allows remote attackers to insert arbitrary HTML or script via 1 the year parameter in a showmonth action, 2 the month parameter in a showmonth action, or 3 the host parameter in a showhost action...
CVE-2003-0404
CVE-2003-0404 affects Vignette StoryServer 4/5 and Vignette V/5 and V/6. Vulnerability: multiple Cross Site Scripting (XSS) via text variables, demonstrated through the errInfo parameter in the default login template. Impact: remote attackers can inject arbitrary HTML and script. Exploitation det...
CVE-2003-0318
Cross-site scripting XSS vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter...
CVE-2003-0375
Cross-site scripting XSS vulnerability in member.php of XMBforum XMB 1.8.x aka Partagium allows remote attackers to insert arbitrary HTML and web script via the "member" parameter...
CVE-2003-0341
Cross-site scripting XSS vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field...