CVE-2004-0347

Cross-site scripting XSS vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 build 4797 allows remote authenticated users to execute arbitrary script as other users via the row parameter...

CVE-2004-1630

Cross-site scripting XSS vulnerability in the login form in Open WorkFlow Engine OpenWFE 1.4.x allows remote attackers to execute arbitrary web script or HTML via the url parameter...

CVE-2004-0781

Cross-site scripting XSS vulnerability in list.cgi in the Icecast internal web server icecast-server 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter...

CVE-2004-1621

NOTE: this issue has been disputed by the vendor. Cross-site scripting XSS vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of 1 computed for display, 2...

CVE-2004-0820

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file...

CVE-2002-0840

Cross-site scripting XSS vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different...

CVE-2002-1307

Cross-site scripting vulnerability XSS in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name...

CVE-2004-0820

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file...

VulnCheck KEV: CVE-2004-0820

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file...

CVE-2004-1735

Cross-site scripting XSS vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field...

Mantis Bug Tracker 0.19 - Remote Server-Side Script Execution

source: https://www.securityfocus.com/bid/10993/info Mantix is reportedly susceptible to a remote server-side script execution vulnerability. This vulnerability only presents itself when PHP is configured on the hosting computer with 'registerglobals = on'. When PHP is configured to register glob...

Mantis Bug Tracker 0.19 - Remote Server-Side Script Execution

Mantis Bug Tracker 0.19 - Remote Server-Side Script Execution source: https://www.securityfocus.com/bid/10993/info Mantix is reportedly susceptible to a remote server-side script execution vulnerability. This vulnerability only presents itself when PHP is configured on the hosting computer with...

CVE-2004-0503

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format RTF message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to...

CVE-2004-1719

Multiple cross-site scripting XSS vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the 1 category, 2 cserver, 3 ext, 4 global, 5 showgroups, 6 or showlite parameters to address.html, or the 7 spage or 8 autoresponder parameters to...

CVE-2004-1716

Cross-site scripting XSS vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the 1 IRC Server or 2 AIM ID fields in the user profile...

CVE-2004-0203

Cross-site scripting XSS vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query...

CVE-2004-0660

Cross-site scripting XSS vulnerability in 1 showarchives.php, 2 shownews.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter...

CVE-2004-0591

Cross-site scripting XSS vulnerability in the printheaderuc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via 1 e-mail headers or 2 a message with a "message/delivery-status" MIME Content-Type...

CVE-2004-1711

Cross-site scripting XSS vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter...

CVE-2004-2064

Cross-site scripting XSS vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web script via the 1 Email or 2 Website fields...