Lucene search
+L

6659 matches found

cvelist
cvelist
added 2005/02/13 5:0 a.m.22 views

CVE-2005-0378

Multiple cross-site scripting XSS vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 group parameter to prefs.php or 2 url parameter to index.php...

5.7AI score0.0129EPSS
Exploits1References5
cvelist
cvelist
added 2005/02/13 5:0 a.m.14 views

CVE-2004-1441

Cross-site scripting XSS vulnerability in icq.cgi in Board Power 2.04PF allows remote attackers to inject arbitrary web script or HTML via the action parameter...

5.7AI score0.06573EPSS
Exploits1References4
cve
cve
added 2005/02/13 5:0 a.m.49 views

CVE-2005-0374

CVE-2005-0374 affects BiTBOARD (2.5 and earlier). The issue is a cross-site scripting (XSS) vulnerability exploitable via an [img] bbcode image tag with an event (e.g., mouseover). Documented impact includes potential cookie theft and partial integrity impact on affected pages. Remediation shown ...

4.3CVSS5.7AI score0.0125EPSS
Exploits1References4Affected Software1
cve
cve
added 2005/02/12 5:0 a.m.51 views

CVE-2004-1397

CVE-2004-1397 affects UseModWiki 1.0 and is caused by a vulnerability in the CGI script wiki.pl that allows remote attackers to execute arbitrary script/HTML via an argument. The impact noted in sources is partial integrity loss with no confidentiality or availability impact per the CVSS vector, ...

4.3CVSS5.7AI score0.01276EPSS
Exploits1References4
cvelist
cvelist
added 2005/02/12 5:0 a.m.38 views

CVE-2004-1424

Cross-site scripting XSS vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter...

5.5AI score0.01298EPSS
Exploits1References5
cve
cve
added 2005/02/12 5:0 a.m.35 views

CVE-2004-1418

CVE-2004-1418 affects WPKontakt 3.0.1 and earlier. The vulnerability is a cross-site scripting (XSS) flaw where an e-mail address is not quoted during a parsing error, allowing an attacker to inject arbitrary web script or HTML. Documented impact indicates partial integrity compromise with no con...

4.3CVSS6AI score0.0179EPSS
Exploits1References3
debiancve
debiancve
added 2005/02/12 5:0 a.m.36 views

CVE-2004-1397

Cross-site scripting XSS vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl...

4.3CVSS4AI score0.01276EPSS
Exploits1
cvelist
cvelist
added 2005/02/10 5:0 a.m.24 views

CVE-2005-0307

Multiple cross-site scripting XSS vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 s, 2 l, 3 a, 4 t, 5 to, or 6 re parameters...

5.8AI score0.01735EPSS
Exploits0References3
cvelist
cvelist
added 2005/02/10 5:0 a.m.20 views

CVE-2005-0309

Multiple cross-site scripting XSS vulnerabilities in 1 index.php or 2 mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter...

5.8AI score0.01219EPSS
Exploits0References5
cve
cve
added 2005/02/10 5:0 a.m.42 views

CVE-2005-0307

MercuryBoard 1.1.1 is affected by CVE-2005-0307 due to multiple XSS in index.php, allowing remote injection of arbitrary script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters. The vulnerability is documented in CVE records and corroborated by OpenVAS noting multiple vuln...

4.3CVSS5.8AI score0.01735EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2005/02/10 5:0 a.m.23 views

CVE-2005-0264

Multiple cross-site scripting XSS vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 expand or 2 order parameter...

5.8AI score0.01255EPSS
Exploits1References4
cvelist
cvelist
added 2005/02/10 5:0 a.m.22 views

CVE-2005-0314

Cross-site scripting XSS vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields...

5.6AI score0.01187EPSS
Exploits0References5
cvelist
cvelist
added 2005/02/06 5:0 a.m.23 views

CVE-2005-0219

Multiple cross-site scripting XSS vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to inject arbitrary web script or HTML via 1 the index field in addcomment.php, 2 setalbumName, 3 slideindex, 4 slidefull, 5 slideloop, 6 slidepause, 7 slidedir fields in slideshowlow.php, or 8 username...

5.7AI score0.01352EPSS
Exploits0References6
cvelist
cvelist
added 2005/02/06 5:0 a.m.43 views

CVE-2004-1384

Multiple cross-site scripting XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 kp3, 2 type, 3 msg, 4 forumid, 5 pos, 6 catsapp, 7 catid, 8 msgballmsgnum, 9 fldballacctnum parameters to index.php or 10 ticketid to...

5.7AI score0.04039EPSS
Exploits1References5
cve
cve
added 2005/02/06 5:0 a.m.63 views

CVE-2004-1384

CVE-2004-1384 refers to multiple XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier, exploitable via parameters to index.php or ticket_id to viewticket_details.php. Related CVEs include CVE-2004-1383 (SQL injection) and CVE-2004-1385 (information disclosure). Public sources consistently d...

4.3CVSS5.7AI score0.04039EPSS
Exploits1References5Affected Software1
cve
cve
added 2005/02/06 5:0 a.m.754 views

CVE-2005-0219

CVE-2005-0219 : The connected sources describe multiple XSS vulnerabilities in Gallery 1.3.4-pl1, allowing remote attackers to inject arbitrary script/HTML via fields in add_comment.php (index), slideshow_low.php (set_albumName, slide_index, slide_full, slide_loop, slide_pause, slide_dir), and se...

4.3CVSS5.7AI score0.01352EPSS
Exploits0References6Affected Software1
nvd
nvd
added 2005/01/28 5:0 a.m.16 views

CVE-2005-0320

Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter to login.html, 2 accountid parameter to accountsettingsadd.html, or the 3 note, 4 title, and 5 location...

5CVSS6.1AI score0.02615EPSS
Exploits0References3
nvd
nvd
added 2005/01/13 5:0 a.m.13 views

CVE-2005-0381

Cross-site scripting XSS vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter...

4.3CVSS5.7AI score0.01177EPSS
Exploits0References4
nvd
nvd
added 2005/01/10 5:0 a.m.18 views

CVE-2004-1202

Cross-site scripting XSS vulnerability in parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to inject arbitrary web script or HTML via the file parameter...

6.8CVSS5.7AI score0.02299EPSS
Exploits1References5
nvd
nvd
added 2005/01/01 5:0 a.m.16 views

CVE-2005-0266

Cross-site scripting XSS vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the 1 returnmodule, 2 returnaction, 3 name, 4 module, or 5 record parameter...

4.3CVSS5.7AI score0.01195EPSS
Exploits0References3
Rows per page
Query Builder