Lucene search
K

6267 matches found

NVD
NVD
added 2002/12/31 5:0 a.m.21 views

CVE-2002-1799

Cross-site scripting XSS vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the 1 email parameter to add.php or 2 banurl parameter...

4.3CVSS5.7AI score0.03614EPSS
Exploits1References3
NVD
NVD
added 2002/12/31 5:0 a.m.17 views

CVE-2002-2062

Cross-site scripting XSS vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP...

4.3CVSS5.8AI score0.13341EPSS
Exploits1References4
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-1899

Cross-site scripting XSS vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" addressname parameter...

4.3CVSS5.7AI score0.01255EPSS
Exploits1References4
NVD
NVD
added 2002/12/31 5:0 a.m.23 views

CVE-2002-2044

Cross-site scripting XSS vulnerability in xstatadmin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action...

4.3CVSS5.7AI score0.01938EPSS
Exploits1References5
NVD
NVD
added 2002/12/31 5:0 a.m.25 views

CVE-2002-1700

Cross-site scripting vulnerability XSS in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message...

4.3CVSS6.5AI score0.22904EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2002/12/22 12:0 a.m.23 views

W-Agora 4.1.6 - 'EditForm.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6464/info W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems. A problem with W-Agora may make cross-site scripting attacks possible. It has been reported that W-Agora has a vulnerability in th...

7AI score
Exploits0
NVD
NVD
added 2002/12/11 5:0 a.m.21 views

CVE-2002-1187

Cross-site scripting vulnerability XSS in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the or element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource...

6.8CVSS6.1AI score0.13726EPSS
Exploits0References7
NVD
NVD
added 2002/11/29 5:0 a.m.13 views

CVE-2002-1276

An incomplete fix for a cross-site scripting XSS vulnerability in SquirrelMail 1.2.8 calls the striptags function on the PHPSELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks...

4.3CVSS5.5AI score0.01366EPSS
Exploits0References6
securityvulns
securityvulns
added 2002/11/26 12:0 a.m.24 views

[Sec-Tec Advisory] Local scripting vulnerability in phpBB

Application: phpBB2 Vendor : http://www.phpbb.com Problem : Insufficient filtering of user input Usability : Easy Severity : Medium Report by : Pete Foster, Sec-Tec Ltd http://www.sec-tec.com The Product From vendors site: phpBB is a high powered, fully scalable, and highly customisable open-sour...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2002/11/25 12:0 a.m.25 views

Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/6253/info The ext.dll ISAPI does not sufficiently sanitize user-supplied input when processing search queries. This may allow an attacker to create a custom URL containing script code that, when viewed in a browser by a legitimate user, will result in the...

7AI score
Exploits0
exploitpack
exploitpack
added 2002/10/18 12:0 a.m.22 views

YaBB 1.401.41 - Login Cross-Site Scripting

YaBB 1.401.41 - Login Cross-Site Scripting source: https://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/18 12:0 a.m.55 views

YaBB 1.40/1.41 - Login Cross-Site Scripting

source: https://www.securityfocus.com/bid/6004/info A cross-site scripting vulnerability has been reported in the YaBB Yet Another Bulletin Board forum login script. HTML tags or script code are not sanitized from the error output of erroneous login attempts. As a result, it is possible for a...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/10/10 12:0 a.m.21 views

PHPReactor 1.2.7 pl1 - browse.php Cross-Site Scripting

PHPReactor 1.2.7 pl1 - browse.php Cross-Site Scripting source: https://www.securityfocus.com/bid/5939/info phpReactor is prone to cross-site scripting attacks. An attacker may create a malicious link to a phpReactor site which contains malicious HTML and script code. If this link is visited by a...

6.8AI score
Exploits0
Debian
Debian
added 2002/10/08 7:58 p.m.15 views

[SECURITY] [DSA 169-1] New ht://Check packages fix cross site scripting problem

-------------------------------------------------------------------------- Debian Security Advisory DSA 169-1 [email protected] http://www.debian.org/security/ Martin Schulze September 25th, 2002 http://www.debian.org/security/faq -...

6.5AI score
Exploits0
NVD
NVD
added 2002/10/04 4:0 a.m.14 views

CVE-2002-0944

Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 through 6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the 1 user-agent or 2 referrer, which are not filtered by the stats program...

7.5CVSS7AI score0.01588EPSS
Exploits0References4
exploitpack
exploitpack
added 2002/09/26 12:0 a.m.32 views

PostNuke 0.72 - modules.php Cross-Site Scripting

PostNuke 0.72 - modules.php Cross-Site Scripting source: https://www.securityfocus.com/bid/5809/info A cross site scripting vulnerability has been reported for PostNuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2002/09/10 12:0 a.m.39 views

phpGB: cross site scripting bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following cross-site-scripting-bug in phpGB: Details - ------- Product: phpGB Affected Version: 1.10 and maybe all versions before Immune Version: 1.20 OS affected: all OS with php Vendor-URL: http://www.walzl.net Vendor-Status:...

0.3AI score
Exploits0
Debian CVE
Debian CVE
added 2002/08/31 4:0 a.m.21 views

CVE-2002-1037

Cross-site scripting vulnerability in Double Choco Latte DCL before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the 1 Ticket Find, 2 Priorities, 3 Severities, 4 Projects, 5 WO Find, 6 Departments and 7 Users features...

5CVSS6.3AI score0.01864EPSS
Exploits0
securityvulns
securityvulns
added 2002/08/20 12:0 a.m.28 views

NOVL-2002-2963297 - NetBasic Buffer Overflow + Scripting Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2002-2963297 Title: NetBasic Buffer Overflow + Scripting Vulnerability Date: 20-Aug-2002 Revision: Original Security Alert Product Name...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/12 12:0 a.m.34 views

W3C CERN HTTPd 3.0 Proxy - Cross-Site Scripting

source: https://www.securityfocus.com/bid/5447/info CERN httpd is a freely available HTTP server and HTTP proxy server available from the W3C. The httpd Proxy is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is...

7.4AI score
Exploits0
Rows per page
Query Builder