CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

6685 matches found

NVD•added 2002/10/04 4:0 a.m.•8 views

CVE-2002-1070

Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter...

7.5CVSS6.6AI score0.08392EPSS

Exploits0References3

Exploit DB•added 2002/10/01 12:0 a.m.•20 views

Microsoft Internet Explorer 5 - Document Reference Zone Bypass

source: https://www.securityfocus.com/bid/5841/info A vulnerability has been reported in Microsoft Internet Explorer that may allow for remote attackers to execute script code in the context of other domains/security Zones. The cause appears to be a lack of access control checks when access to a...

CERT•added 2002/10/01 12:0 a.m.•25 views

Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks

Overview A vulnerability exists in Microsoft Internet Explorer that could permit an attacker to execute arbitrary script, even if the user has specifically disabled active scripting. Description Internet Explorer permits users to customize settings that enable and disable the ability of scripts t...

7.5CVSS7.4AI score0.07118EPSS

Exploits0References2

exploitpack•added 2002/09/26 12:0 a.m.•21 views

PostNuke 0.72 - modules.php Cross-Site Scripting

PostNuke 0.72 - modules.php Cross-Site Scripting source: https://www.securityfocus.com/bid/5809/info A cross site scripting vulnerability has been reported for PostNuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and...

exploitpack•added 2002/09/25 12:0 a.m.•26 views

DaCode 1.2 - News Message HTML Injection

DaCode 1.2 - News Message HTML Injection source: https://www.securityfocus.com/bid/5798/info Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client. DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when ...

exploitpack•added 2002/09/25 12:0 a.m.•16 views

Drupal 4.0 - News Message HTML Injection

Drupal 4.0 - News Message HTML Injection source: https://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when...

Exploit DB•added 2002/09/25 12:0 a.m.•30 views

PHP-Nuke 6.0 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5796/info Problems with PHPNuke could make it possible to execute arbitrary script code in a vulnerable client. PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contai...

exploitpack•added 2002/09/25 12:0 a.m.•15 views

NPDS 4.8 - News Message HTML Injection

NPDS 4.8 - News Message HTML Injection source: https://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user...

Exploit DB•added 2002/09/25 12:0 a.m.•29 views

NPDS 4.8 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains...

Exploit DB•added 2002/09/25 12:0 a.m.•31 views

DaCode 1.2 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5798/info Problems with DaCode could make it possible to execute arbitrary script code in a vulnerable client. DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains...

Exploit DB•added 2002/09/25 12:0 a.m.•32 views

phpWebSite 0.8.3 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5802/info Problems with phpWebSite could make it possible to execute arbitrary script code in a vulnerable client. phpWebSite does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that...

Exploit DB•added 2002/09/25 12:0 a.m.•24 views

ACWeb 1.14/1.8 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/5793/info acWEB is prone to cross-site scripting attacks. It is possible to construct a malicious link to the web server which contains arbitrary script code. When the link is visited, the script code will be executed in the web client of the user visitin...

Exploit DB•added 2002/09/25 12:0 a.m.•37 views

Drupal 4.0 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5801/info Problems with Drupal could allow an attacker to execute arbitrary script code in a vulnerable client. Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contain...

Cvelist•added 2002/09/24 4:0 a.m.•17 views

CVE-2002-1131

Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via 1 addressbook.php, 2 options.php, 3 search.php, or 4 help.php...

6.6AI score0.02841EPSS

Exploits2References6

NVD•added 2002/09/24 4:0 a.m.•18 views

CVE-2002-0691

Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189...

7.5CVSS6.2AI score0.15058EPSS

Exploits1References3

NVD•added 2002/09/24 4:0 a.m.•16 views

CVE-2002-0989

The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link...

7.5CVSS7.2AI score0.0495EPSS

Exploits1References15

Exploit DB•added 2002/09/24 12:0 a.m.•34 views

XOOPS 1.0 RC3 - HTML Injection

source: https://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user views a message posting that...

exploitpack•added 2002/09/24 12:0 a.m.•21 views

XOOPS 1.0 RC3 - HTML Injection

XOOPS 1.0 RC3 - HTML Injection source: https://www.securityfocus.com/bid/5785/info Problems with XOOPS could make it possible to execute arbitrary script code in a vulnerable client. XOOPS does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user...

exploitpack•added 2002/09/23 12:0 a.m.•17 views

HP Compaq Insight Manager - Web Interface Cross-Site Scripting

HP Compaq Insight Manager - Web Interface Cross-Site Scripting source: https://www.securityfocus.com/bid/5780/info It has been reported that the Compaq Insight Manager web interface is prone to cross-site scripting attacks. It is possible to construct a malicious link to a Compaq Insight Manager...

Exploit DB•added 2002/09/09 12:0 a.m.•29 views

phpGB 1.1 - HTML Injection

source: https://www.securityfocus.com/bid/5676/info phpGB is subject to HTML injection attacks. phpGB fails to check for the presence of HTML tags when generating guestbook entries. It is reported that an attacker may inject HTML and script code into guestbook entries, which will be executed in t...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by