Lucene search
+L

6660 matches found

CVE
CVE
added 2005/03/20 5:0 a.m.49 views

CVE-2005-0818

CVE-2005-0818 affects PunBB 1.2.3. The vulnerability is a Cross-site Scripting (XSS) flaw where an attacker can inject arbitrary web script or HTML via the email or Jabber parameters in profile-related input. The connected sources confirm PunBB 1.2.3 as the affected software and specify the vulne...

4.3CVSS5.7AI score0.02685EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2005/03/14 5:0 a.m.7 views

CVE-2005-0509

Multiple cross-site scripting XSS vulnerabilities in the Mono 1.0.5 implementation of ASP.NET .Net allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including "" and ""...

6AI score
Exploits0References4
Cvelist
Cvelist
added 2005/03/11 5:0 a.m.21 views

CVE-2003-1100

Multiple cross-site scripting XSS vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors...

5.8AI score0.01499EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/03/09 5:0 a.m.18 views

CVE-2005-0549

Cross-site scripting XSS vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function...

5.6AI score0.0172EPSS
Exploits4References3
CVE
CVE
added 2005/03/07 5:0 a.m.53 views

CVE-2005-0660

CVE-2005-0660 affects D-Forum 1.11 with multiple cross-site scripting (XSS) vulnerabilities. The issue allows remote attackers to inject arbitrary script/HTML via certain fields, demonstrated using the page parameter in nav.php3. NVD notes network attack vector, medium complexity, no authenticati...

4.3CVSS6AI score0.00938EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/03/07 5:0 a.m.52 views

CVE-2005-0656

CVE-2005-0656 affects auraCMS 1.5 with multiple XSS vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML through (1) hits.php via the hits parameter, (2) index.php via an unspecified query parameter, and (3) counter.php via the theCount parameter. The NVD entr...

4.3CVSS6AI score0.01255EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2005/03/04 5:0 a.m.49 views

CVE-2005-0650

CVE-2005-0650 : Multiple cross-site scripting vulnerabilities in ProjectBB 0.4.5.1 allow remote injection of arbitrary script/HTML. Affected vectors include (1) the pages parameter to divers.php, (2) the search feature text area, (3) forum name, (4) site name, or (5) the maximum avatar size in th...

4.3CVSS5.9AI score0.01911EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2005/02/26 5:0 a.m.46 views

CVE-2004-1746

The CVE-2004-1746 entry describes a Cross-site scripting (XSS) vulnerability in PHP Code Snippet Library’s index.php, exploitable via the cat_select and show parameters. The underlying issue is inadequate input sanitization in index.php, allowing remote attackers to inject arbitrary JavaScript in...

4.3CVSS5.9AI score0.03596EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2005/02/26 5:0 a.m.56 views

CVE-2004-1730

CVE-2004-1730 is an XSS vulnerability in the Mantis bugtracker. The issue allows remote attackers to inject arbitrary script/HTML via four vectors: (1) the return parameter to login_page.php, (2) the e-mail field in signup.php, (3) the action parameter to login_select_proj_page.php, and (4) the h...

4.3CVSS5.7AI score0.01444EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2005/02/26 5:0 a.m.19 views

CVE-2004-1738

Cross-site scripting XSS vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter...

5.7AI score0.01208EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2005/02/24 5:0 a.m.51 views

CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

4.3CVSS5.7AI score0.03964EPSS
Exploits1
NVD
NVD
added 2005/02/22 5:0 a.m.17 views

CVE-2005-0514

Cross-site scripting XSS vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to inject arbitrary HTML and web script via search parameters...

4.3CVSS5.8AI score0.02412EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2005/02/20 5:0 a.m.61 views

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

4.3CVSS4AI score0.06465EPSS
Exploits1
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.23 views

CVE-2004-1659

Cross-site scripting XSS vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Administrator, Editor, Journalist or Commenter privileges to inject arbitrary web script or HTML via the mod parameter...

5.7AI score0.03589EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.27 views

CVE-2004-1559

Multiple cross-site scripting XSS vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 redirectto, text, popupurl, or popuptitle parameters to wp-login.php, 2 redirecturl parameter to admin-header.php, 3 popuptitle, popupurl, content, or posttit...

5.6AI score0.06465EPSS
Exploits1References5
CVE
CVE
added 2005/02/19 5:0 a.m.52 views

CVE-2005-0477

The CVE-2005-0477 entry describes a Cross-site scripting (XSS) vulnerability in the SML code of Invision Power Board 1.3.1 FINAL. The issue can be triggered by crafted content in (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:u...

4.3CVSS6AI score0.02369EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/02/19 5:0 a.m.55 views

CVE-2005-0480

CVE-2005-0480 is a cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier. The issue arises from accepting a login request that is recorded in a log file but not properly sanitized when an administrator views the log, allowing remote attackers to inject arbitrary HTML or web scri...

4.3CVSS5.7AI score0.01242EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2005/02/19 5:0 a.m.18 views

CVE-2005-0495

Cross-site scripting XSS vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the 1 sn1, 2 year, or 3 page parameter to zboard.php or 4 filename to viewimage.php...

4.3CVSS5.7AI score0.01164EPSS
Exploits0References3
NVD
NVD
added 2005/02/15 5:0 a.m.18 views

CVE-2005-0434

Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...

4.3CVSS5.9AI score0.01242EPSS
Exploits1References3
Cvelist
Cvelist
added 2005/02/15 5:0 a.m.19 views

CVE-2005-0434

Multiple cross-site scripting XSS vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via 1 the newdownloadshowdays parameter in a NewDownloads operation or 2 the newlinkshowdays parameter in a NewLinks operation...

5.9AI score0.01242EPSS
Exploits1References3
Rows per page
Query Builder