Lucene search
K

6252 matches found

Exploit DB
Exploit DB
added 2003/06/09 12:0 a.m.23 views

H-Sphere 2.x - HTML Template Inclusion Cross-Site Scripting

source: https://www.securityfocus.com/bid/7855/info H-Sphere is prone to multiple cross-site scripting vulnerabilities via the HTML template feature in the Hosting Control Panel. HTML and script code will not be filtered from pages which are generated when a request for an invalid or unknown...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2003/06/06 4:0 a.m.23 views

CVE-2003-0375

Cross-site scripting XSS vulnerability in member.php of XMBforum XMB 1.8.x aka Partagium allows remote attackers to insert arbitrary HTML and web script via the "member" parameter...

5.8AI score0.04542EPSS
Exploits0References4
exploitpack
exploitpack
added 2003/05/30 12:0 a.m.13 views

PHP 4.x - Transparent Session ID Cross-Site Scripting

PHP 4.x - Transparent Session ID Cross-Site Scripting source: https://www.securityfocus.com/bid/7761/info A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/30 12:0 a.m.39 views

PHP 4.x - Transparent Session ID Cross-Site Scripting

source: https://www.securityfocus.com/bid/7761/info A cross-site scripting vulnerability has been discovered in PHP. The problem occurs due to insufficient sanitization of the PHPSESSID URI parameter. An attacker may be capable of exploiting this vulnerability by constructing a malicious link...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/05/27 12:0 a.m.20 views

Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting

Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting source: https://www.securityfocus.com/bid/7710/info Sun ONE Application Server has been reported prone to a cross-site scripting vulnerability. Sun ONE Application Server does not adequately filter script code from URL parameters...

Exploits0
Exploit DB
Exploit DB
added 2003/05/27 12:0 a.m.28 views

Sun ONE Application Server 7.0 - Error Message Cross-Site Scripting

source: https://www.securityfocus.com/bid/7710/info Sun ONE Application Server has been reported prone to a cross-site scripting vulnerability. Sun ONE Application Server does not adequately filter script code from URL parameters, making it prone to cross-site scripting attacks. Attacker-supplied...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/05/19 12:0 a.m.237 views

Proxy Web Server XSS

The remote host is running a proxy web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. C...

6.8CVSS5.7AI score0.01614EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2003/05/16 12:0 a.m.21 views

EZ Publish 2.2 - 'index.php' IMG Tag Cross-Site Scripting

source: https://www.securityfocus.com/bid/7616/info A cross-site scripting vulnerability has been reported for eZ publish. Specifically, eZ publish does not sufficiently sanitize user-supplied input supplied to the 'index.php' script. This may allow for theft of cookie-based authentication...

7AI score
Exploits0
exploitpack
exploitpack
added 2003/05/14 12:0 a.m.10 views

Inktomi Traffic Server 4.05.x - Cross-Site Scripting

Inktomi Traffic Server 4.05.x - Cross-Site Scripting source: https://www.securityfocus.com/bid/7596/info Inktomi Traffic Server is prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of input passed to the proxy, which will be echoed back in error pages under...

Exploits0
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.34 views

Css in Xoops module glossary 1.3.x

Author: Magistrat Date: 30/03/2003 Object: XOOPS glossary Module Input Filtering Bug Allows Remote Users to Conduct Cross-Site Scripting Attacks Impact: Disclosure of authentication information, Execution of arbitrary code via network, Modification of user information, User access via network Fix...

1AI score
Exploits0
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.20 views

CVE-2002-0292

Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field...

6.4AI score0.0134EPSS
Exploits0References3
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.22 views

CVE-2002-0181

Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter...

6.8AI score0.01847EPSS
Exploits0References8
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.28 views

CVE-2002-1053

Cross-site scripting XSS vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message...

6.2AI score0.02093EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2003/03/23 12:0 a.m.21 views

Siteframe search.php searchfor Parameter XSS

Siteframe 2.2.4 has a cross-site scripting bug. An attacker may use it to perform a cross-site scripting attack on this host. In addition to this, another flaw in this package may allow an attacker to obtain the physical path to the remote web root. %NASLMINLEVEL 70300 written by K-Otik.com...

4.9AI score
Exploits0
exploitpack
exploitpack
added 2003/03/20 12:0 a.m.12 views

osCommerce 2.12.2 - Checkout_Payment.php Error Output Cross-Site Scripting

osCommerce 2.12.2 - CheckoutPayment.php Error Output Cross-Site Scripting source: https://www.securityfocus.com/bid/7155/info Error output is not sufficiently sanitized of HTML and script code by osCommerce. This may allow for cross-site scripting attacks as remote users could create a malicious...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2003/03/19 12:0 a.m.13 views

Basit 1.0 Submit Module - Cross-Site Scripting

Basit 1.0 Submit Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/7139/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker m...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2003/03/19 12:0 a.m.11 views

Basit 1.0 Search Module - Cross-Site Scripting

Basit 1.0 Search Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/7142/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker m...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2003/03/15 12:0 a.m.15 views

RSA ClearTrust 4.64.7 - Login Page Cross-Site Scripting

RSA ClearTrust 4.64.7 - Login Page Cross-Site Scripting source: https://www.securityfocus.com/bid/7108/info A cross-site scripting vulnerability has been discovered in ClearTrust. Specifically, the login page for the management application is not properly sanitized of some user-supplied values. A...

Exploits0
Exploit DB
Exploit DB
added 2003/02/20 12:0 a.m.113 views

myPHPNuke 1.8.8 - 'links.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6892/info Reportedly, myPHPNuke 'links.php' does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code that will be executed in the...

7.4AI score
Exploits0
Debian
Debian
added 2003/01/03 3:57 p.m.21 views

[SECURITY] [DSA 221-1] New mhonarc packages fix cross site scripting

-------------------------------------------------------------------------- Debian Security Advisory DSA 221-1 [email protected] http://www.debian.org/security/ Martin Schulze January 3rd, 2003 http://www.debian.org/security/faq -...

4.3CVSS5.5AI score0.01235EPSS
Exploits0
Rows per page
Query Builder