Lucene search
K

6659 matches found

Cvelist
Cvelist
added 2005/04/07 4:0 a.m.26 views

CVE-2005-0995

Multiple cross-site scripting XSS vulnerabilities in ProductCart 2.7 allow remote attackers to inject arbitrary web script or HTML via 1 the keyword parameter to advSearchh.asp, 2 the redirectUrl parameter to NewCust.asp, 3 the country parameter to storelocatorsubmit.asp, or 4 the error parameter...

5.7AI score0.01427EPSS
Exploits1References7
CVE
CVE
added 2005/04/07 4:0 a.m.87 views

CVE-2005-0992

Summary: CVE-2005-0992 is an XSS in phpMyAdmin’s index.php via the convcharset parameter. The NVD entry lists a base score of 4.3 (MEDIUM) with network access, no confidentiality impact, but partial integrity impact and no availability impact. Connected OpenVAS entries tie the vulnerability to ph...

4.3CVSS5.4AI score0.04504EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2005/04/05 4:0 a.m.15 views

CVE-2005-0982

Multiple cross-site scripting XSS vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 location, or 3 Subject field...

5.8AI score0.00938EPSS
Exploits0References2
CVE
CVE
added 2005/04/05 4:0 a.m.40 views

CVE-2005-0982

CVE-2005-0982 affects Yet Another Forum.net 0.9.9 and involves multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script or HTML via the (1) name, (2) location, or (3) Subject field. The NVD entry lists a base score of 4.3 (Medium) with Network att...

4.3CVSS6AI score0.00938EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2005/04/03 5:0 a.m.24 views

CVE-2005-0961

Cross-site scripting XSS vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title...

5.5AI score0.01235EPSS
Exploits0References4
CVE
CVE
added 2005/04/03 5:0 a.m.54 views

CVE-2005-0952

CVE-2005-0952 describes a cross-site scripting vulnerability in the PaFileDB 3.1 web application, specifically in pafiledb.php where the attacker can inject arbitrary script via the id parameter. The vulnerability is documented across multiple sources (NVD/Nessus/NVD CVE record). Exploitation cou...

5CVSS6.2AI score0.05863EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2005/03/29 5:0 a.m.17 views

CVE-2005-0919

Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting XSS attacks...

4.3CVSS5.7AI score0.01374EPSS
Exploits0References7
CVE
CVE
added 2005/03/29 5:0 a.m.53 views

CVE-2005-0908

CVE-2005-0908 : Affected product is Valdersoft Shopping Cart 3.0. The description documents multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via two parameters: (1) lang in index.php and (2) searchTopCategoryID in search_result...

4.3CVSS6AI score0.01003EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2005/03/29 5:0 a.m.19 views

CVE-2005-0919

Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting XSS attacks...

5.7AI score0.01374EPSS
Exploits0References7
Cvelist
Cvelist
added 2005/03/29 5:0 a.m.21 views

CVE-2005-0908

Multiple cross-site scripting XSS vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter to index.php or 2 the searchTopCategoryID parameter to searchresult.php...

5.8AI score0.01003EPSS
Exploits1References2
NVD
NVD
added 2005/03/28 5:0 a.m.12 views

CVE-2005-0908

Multiple cross-site scripting XSS vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter to index.php or 2 the searchTopCategoryID parameter to searchresult.php...

4.3CVSS5.8AI score0.01003EPSS
Exploits1References2
Cvelist
Cvelist
added 2005/03/28 5:0 a.m.21 views

CVE-2002-1640

Multiple cross-site scripting XSS vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via 1 Text Features in the DHTML UI or 2 the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...

5.5AI score0.05236EPSS
Exploits1References6
CVE
CVE
added 2005/03/26 5:0 a.m.75 views

CVE-2005-0885

XMB Forum 1.9.1 is affected by multiple XSS vulnerabilities (via the Mood and “Send To” fields). Exploitation could allow remote script injection in the context of the affected forum pages. The CVE-2005-0885 entry is corroborated by multiple sources (NVD/NIST and CVE list). The provided documents...

4.3CVSS5.8AI score0.01815EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/03/26 5:0 a.m.21 views

CVE-2005-0888

Multiple cross-site scripting XSS vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the 1 class or 2 method name...

5.8AI score0.0121EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/03/26 5:0 a.m.19 views

CVE-2005-0883

Multiple cross-site scripting XSS vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via 1 the mt parameter to the membres.php page or 2 the -afs-1- query string to the msg.php page...

5.8AI score0.01784EPSS
Exploits1References4
CVE
CVE
added 2005/03/24 5:0 a.m.44 views

CVE-2005-0846

CVE-2005-0846 affects NetWin SurgeMail 2.2g3 and describes multiple XSS vulnerabilities in the email auto-reply message, exploitable via the (1) message subject or (2) message header field to inject arbitrary web script/HTML. Exploitation details are not provided beyond this, but a remediation is...

4.3CVSS5.8AI score0.01833EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2005/03/24 5:0 a.m.53 views

CVE-2005-0857

CVE-2005-0857 describes a cross-site scripting (XSS) vulnerability in CoolForum 0.8 and earlier, where an attacker can inject arbitrary web script or HTML through the img parameter in avatar.php. The connected documents corroborate this XSS claim, with NVD listing the CVE and Tenable/Nessus plugi...

4.3CVSS5.8AI score0.01773EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2005/03/24 5:0 a.m.56 views

CVE-2005-0842

CVE-2005-0842 involves a cross-site scripting (XSS) vulnerability in Kayako eSupport version 2.3. The flaw occurs in index.php via the parameters _i and _c, allowing remote attackers to inject arbitrary web script or HTML in a victim’s browser. The public description does not specify a fix or aff...

4.3CVSS5.7AI score0.02632EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2005/03/20 5:0 a.m.22 views

CVE-2005-0784

Multiple cross-site scripting XSS vulnerabilities in Phorum before 5.0.15 allow remote attackers to inject arbitrary web script or HTML via 1 the subject line to follow.php or 2 the subject line in the user's personal control panel...

5.8AI score0.0129EPSS
Exploits1References3
CVE
CVE
added 2005/03/20 5:0 a.m.49 views

CVE-2005-0818

CVE-2005-0818 affects PunBB 1.2.3. The vulnerability is a Cross-site Scripting (XSS) flaw where an attacker can inject arbitrary web script or HTML via the email or Jabber parameters in profile-related input. The connected sources confirm PunBB 1.2.3 as the affected software and specify the vulne...

4.3CVSS5.7AI score0.02685EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder