CVE-2001-1161

Cross-site scripting CSS vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script...

CVE-2002-0329

Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag...

CVE-2002-0330

Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board OpenBB 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag...

CVE-2002-0388

Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via 1 the admin login page, or 2 the Pipermail index summaries...

CVE-2002-0535

Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via 1 an IMG tag when BBCode is enabled, or 2 in a topic title...

CVE-2002-0388

Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via 1 the admin login page, or 2 the Pipermail index summaries...

CVE-2002-0269

Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent...

CVE-2002-0243

Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed...

Yahoo Messenger - Multiple Vulnerabilities

Yahoo! Instant Messenger YIM Hi-Jack 101-- Multiple Vulnerabilities & Demonstration Exploit Date : 05/02/2002 Version : Yahoo! Messenger 5, 0, 0, 1061 latest build at time Platforms : Win98, Win2K, XP Pro and likely all Windows versions Severity : Medium - High Contents : 01. Summary 02...

CVE-2002-0189

Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability...

CVE-2002-0205

Cross-site scripting CSS vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter...

CVE-2002-0238

Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script...

CVE-2002-0242

Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed...

CVE-2002-0205

Cross-site scripting CSS vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter...

CVE-2001-1248

vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character %20...

CVE-2002-0242

The CVE-2002-0242 entry concerns Internet Explorer 6 and describes a cross-site scripting vulnerability where output from a remote server via an Extended HTML Form is not properly cleansed, allowing remote script execution. Affected component: Internet Explorer 6 (Extended HTML Form handling). Ro...

CVE-2002-0316

Cross-site scripting vulnerability in eXtreme message board XMB 1.6x and earlier allows remote attackers to execute script as other XMB users by inserting the script into an IMG tag...

CVE-2002-0205

The CVE-2002-0205 entry describes a cross‑site scripting (XSS) flaw in Plumtree Corporate Portal 3.5–4.5, where an attacker could inject arbitrary script via the Description parameter in error.asp, potentially affecting other clients. The affected product/component is Plumtree Corporate Portal (e...

CVE-2002-0075

Cross-site scripting vulnerability for Internet Information Server IIS 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect ""302 Object Moved" message...

CVE-2002-1640

Multiple cross-site scripting XSS vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via 1 Text Features in the DHTML UI or 2 the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...