Lucene search
K

3789 matches found

NVD
NVD
added 2005/03/01 5:0 a.m.32 views

CVE-2004-1055

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PmaAbsoluteUri parameter, 2 the zerorows parameter in readdump.php, 3 the confirm form, or 4 an error message generated by the internal...

6.8CVSS5.7AI score0.01475EPSS
Exploits1References3
NVD
NVD
added 2005/03/01 5:0 a.m.24 views

CVE-2005-0629

Multiple cross-site scripting XSS vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 user or 2 Avatar parameters...

4.3CVSS5.8AI score0.02127EPSS
Exploits0References6
Exploit DB
Exploit DB
added 2005/03/01 12:0 a.m.27 views

CutePHP CuteNews 1.3.6 - 'x-forwarded-for' Script Injection

source: https://www.securityfocus.com/bid/12691/info A remote script injection vulnerability affects CutePHP CuteNews. This issue is due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical functionality. An attacker may leverage this...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/02/26 5:0 a.m.28 views

CVE-2004-1711

Cross-site scripting XSS vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter...

5.7AI score0.0127EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/02/26 5:0 a.m.25 views

CVE-2004-1730

Cross-site scripting XSS vulnerability in Mantis bugtracker allows remote attackers to inject arbitrary web script or HTML via 1 the return parameter to loginpage.php, 2 e-mail field in signup.php, 3 action parameter to loginselectprojpage.php, or 4 hidestatus parameter to viewallset.php...

5.7AI score0.01444EPSS
Exploits1References7
Cvelist
Cvelist
added 2005/02/26 5:0 a.m.27 views

CVE-2004-1716

Cross-site scripting XSS vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the 1 IRC Server or 2 AIM ID fields in the user profile...

5.7AI score0.0235EPSS
Exploits1References7
Cvelist
Cvelist
added 2005/02/24 5:0 a.m.28 views

CVE-2005-0534

Multiple cross-site scripting XSS vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script...

5.8AI score0.01208EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2005/02/21 12:0 a.m.20 views

PANews 2.0 - PHP Remote Code Execution

source: https://www.securityfocus.com/bid/12611/info PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'adminsetup.php' script. Reports indicate that wh...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.22 views

CVE-2004-1632

Cross-site scripting XSS vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the arguments to wiki.php...

5.6AI score0.0127EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.27 views

CVE-2004-1589

Cross-site scripting XSS vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the 1 Category parameter to Forum.asp or 2 MainMessageID parameter to ReplyToQuestion.asp...

5.8AI score0.01255EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/02/19 5:0 a.m.16 views

CVE-2005-0477

Cross-site scripting XSS vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via 1 a signature file or 2 a message post containing an IMG tag within a COLOR tag whose style is set to background:url...

6AI score0.02369EPSS
Exploits0References2
NVD
NVD
added 2005/02/15 5:0 a.m.18 views

CVE-2005-0434

Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...

4.3CVSS5.9AI score0.01242EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/02/13 5:0 a.m.28 views

CVE-2004-1467

Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...

5.7AI score0.0362EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/02/12 5:0 a.m.38 views

CVE-2004-1424

Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.5AI score0.01298EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/02/12 5:0 a.m.23 views

CVE-2004-1412

Cross-site scripting XSS vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter...

5.6AI score0.01736EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/02/12 5:0 a.m.21 views

CVE-2004-1397

Cross-site scripting XSS vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl...

5.7AI score0.01276EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/02/10 5:0 a.m.18 views

CVE-2005-0320

Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to login.html, 2 accountid parameter to accountsettingsadd.html, or the 3 note, 4 title, and 5 location...

6.1AI score0.02615EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2005/02/08 12:0 a.m.1 views

VulnCheck KEV: CVE-2004-1319

The DHTML Edit Control dhtmled.ocx allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...

5CVSS6AI score0.26162EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/02/06 5:0 a.m.27 views

CVE-2005-0104

Cross-site scripting XSS vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables...

5.4AI score0.01837EPSS
Exploits0References11
Cvelist
Cvelist
added 2005/02/06 5:0 a.m.43 views

CVE-2004-1384

Multiple cross-site scripting XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 kp3, 2 type, 3 msg, 4 forumid, 5 pos, 6 catsapp, 7 catid, 8 msgballmsgnum, 9 fldballacctnum parameters to index.php or 10 ticketid to...

5.7AI score0.04039EPSS
Exploits1References5
Rows per page
Query Builder