Vulnerabilities (CVE)

Filtered by CWE-79
Total 28953 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-2343 1 Nocc 1 Nocc 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages.
CVE-2003-1549 1 Myabracadaweb 1 Myabracadaweb 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
CVE-2002-2330 1 Uninet 1 Statsplus 2024-02-04 5.0 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to stats.html and executed in client browsers.
CVE-2004-0203 1 Microsoft 1 Exchange Server 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
CVE-2002-2424 1 Ekilat Llc 1 Php\(reactor\) 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.
CVE-2002-2378 1 Nakata 1 An Httpd 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
CVE-2003-1546 1 Filebased 1 Guestbook 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section.
CVE-2003-1453 1 Xoops 1 Xoops 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
CVE-2002-2260 1 Mozilla 1 Bugzilla 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page.
CVE-2002-0270 1 Opera Software 1 Opera Web Browser 2024-02-04 4.3 MEDIUM N/A
Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.
CVE-2004-0678 1 12planet 1 Chat Server 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remote attackers to execute arbitrary script as other users via the page parameter.
CVE-2003-1400 1 Francisco Burzi 1 Php-nuke 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter.
CVE-2003-1372 4 Linux, Microsoft, Myphpnuke and 1 more 4 Linux Kernel, All Windows, Myphpnuke and 1 more 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
CVE-2003-1347 1 Geeklog 1 Geeklog 2024-02-04 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
CVE-2002-2422 1 Compaq 1 Insight Management Agent 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message.
CVE-2003-1384 1 Py Software 1 Py-livredor 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields.
CVE-2002-2273 1 Webster 1 Webster Http Server 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2002-1852 1 Monkey-project 1 Monkey 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.
CVE-2002-2255 1 Phpbb 1 Phpbb 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode.
CVE-2003-1522 1 Pscs 1 Vpop3 Web Mail Server 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page.