CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6665 matches found

exploitpack•added 2007/12/31 12:0 a.m.•8 views

MilliScripts - dir.php Cross-Site Scripting

MilliScripts - dir.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

0.1AI score

Exploits0

Exploit DB•added 2007/12/31 12:0 a.m.•19 views

MilliScripts - 'dir.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

7.4AI score

Exploits0

Exploit DB•added 2007/12/31 12:0 a.m.•25 views

LiveCart 1.0.1 - 'q' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7AI score

Exploits0

Exploit DB•added 2007/12/29 12:0 a.m.•18 views

Makale Scripti - Cross-Site Scripting

source: https://www.securityfocus.com/bid/27067/info Makale Scripti is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

7.4AI score

Exploits0

exploitpack•added 2007/12/29 12:0 a.m.•9 views

Makale Scripti - Cross-Site Scripting

Makale Scripti - Cross-Site Scripting source: https://www.securityfocus.com/bid/27067/info Makale Scripti is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...

6.8AI score

Exploits0

Exploit DB•added 2007/12/28 12:0 a.m.•19 views

NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27051/info FaqMasterFlexPlus is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

exploitpack•added 2007/12/25 12:0 a.m.•13 views

Limbo CMS 1.0.4 - com_option Cross-Site Scripting

Limbo CMS 1.0.4 - comoption Cross-Site Scripting source: https://www.securityfocus.com/bid/27027/info Limbo CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

6.8AI score

Exploits0

Exploit DB•added 2007/12/22 12:0 a.m.•46 views

Dokeos 1.x - '/forum/viewthread.php?forum' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26992/info Dokeos is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7AI score

Exploits0

exploitpack•added 2007/12/18 12:0 a.m.•12 views

Mambo 4.6.2 - index.php Multiple Cross-Site Scripting Vulnerabilities

Mambo 4.6.2 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/26922/info Mambo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

0.1AI score

Exploits0

Exploit DB•added 2007/12/18 12:0 a.m.•26 views

Adobe Flash Player 8.0.34.0/9.0.x - 'main.swf?baseurl' asfunction: Protocol Handler Cross-Site Scripting

source: https://www.securityfocus.com/bid/26949/info Adobe Flash Player is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

7.4AI score

Exploits0

exploitpack•added 2007/12/18 12:0 a.m.•8 views

Adobe Flash Player 8.0.34.09.0.x - main.swf?baseurl asfunction: Protocol Handler Cross-Site Scripting

Adobe Flash Player 8.0.34.09.0.x - main.swf?baseurl asfunction: Protocol Handler Cross-Site Scripting source: https://www.securityfocus.com/bid/26949/info Adobe Flash Player is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An...

Exploits0

securityvulns•added 2007/12/13 12:0 a.m.•46 views

Advisory: Websense XSS Vulnerability

December 10th, 2007 ======= Summary ======= Name: Websense XSS Vulnerability Release Date: 10 December 2007 Reference: LSD002-2007 Discover: Dave Lewis CVE:Pending Vendor: Websense Product: Websense Enterprise and Websense Web Security Suite Systems Affected: version 6.3 as tested Risk: Less...

0.1AI score

Exploits0

Symantec•added 2007/12/11 12:0 a.m.•16 views

Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the user's account and possibly the underlying computer...

8AI score

Exploits0References3Affected Software7

Exploit DB•added 2007/12/10 12:0 a.m.•28 views

SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation / Input Validation

source: https://www.securityfocus.com/bid/26788/info The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability. Attackers can exploit these issues to inject arbitrary script code into public key data or to delete and overwrit...

7AI score

Exploits0

exploitpack•added 2007/12/10 12:0 a.m.•20 views

SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation

SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation source: https://www.securityfocus.com/bid/26788/info The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability. Attackers can exploit these issue...

0.5AI score

Exploits0

Exploit DB•added 2007/12/10 12:0 a.m.•27 views

webSPELL 4.1.2 - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/26787/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

exploitpack•added 2007/12/06 12:0 a.m.•9 views

Kayako SupportSuite 3.0.32 - PHP_SELF Trigger_Error Function Cross-Site Scripting

Kayako SupportSuite 3.0.32 - PHPSELF TriggerError Function Cross-Site Scripting source: https://www.securityfocus.com/bid/26744/info SupportSuite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

0.1AI score

Exploits0

exploitpack•added 2007/12/06 12:0 a.m.•13 views

OpenNewsletter 2.5 - Compose.php Cross-Site Scripting

OpenNewsletter 2.5 - Compose.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26745/info OpenNewsletter is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

6.8AI score

Exploits0

Exploit DB•added 2007/12/06 12:0 a.m.•18 views

Kayako SupportSuite 3.0.32 - 'PHP_SELF Trigger_Error' Function Cross-Site Scripting

source: https://www.securityfocus.com/bid/26744/info SupportSuite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

7.4AI score

Exploits0

Drupal•added 2007/12/05 12:0 a.m.•10 views

SA-2007-032 - Shoutbox - Cross site scripting

Message sent from the Shoutbox block, where visitors can quickly post short messages, are not properly sanitized in a number of cases. This allows malicious users to inject arbitrary HTML and script code into the block. Learn more about cross site scripting on Wikipedia. Versions affected Shoutbo...

6.4AI score

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by