Security Vulnerabilities, CVEs, Published In April 2004 (XSS)

CVE-2004-1985

Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to inject arbitrary HTML or web script via the CPG_URL parameter.
Max CVSS
4.3
EPSS Score
0.62%
Published
2004-04-30
Updated
2017-07-11

CVE-2004-1979

Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to inject arbitrary HTML or web script via the search_string parameter.
Max CVSS
4.3
EPSS Score
0.25%
Published
2004-04-30
Updated
2017-07-11

CVE-2004-1978

Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter.
Max CVSS
4.3
EPSS Score
0.62%
Published
2004-04-30
Updated
2020-12-01

CVE-2004-1975

Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551.
Max CVSS
4.3
EPSS Score
0.29%
Published
2004-04-27
Updated
2017-07-11

CVE-2004-1965

Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
Max CVSS
4.3
EPSS Score
1.13%
Published
2004-04-25
Updated
2017-07-11

CVE-2004-1964

Cross-site scripting (XSS) vulnerability in nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to inject arbitrary web script or HTML via the portNum parameter.
Max CVSS
4.3
EPSS Score
0.68%
Published
2004-04-23
Updated
2017-07-11

CVE-2004-1957

Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php.
Max CVSS
2.6
EPSS Score
0.51%
Published
2004-04-21
Updated
2017-07-11

CVE-2004-1954

Cross-site scripting (XSS) vulnerability in modules.php in phProfession 2.5 allows remote attackers to inject arbitrary web script or HTML via the jcode parameter.
Max CVSS
4.3
EPSS Score
1.05%
Published
2004-04-21
Updated
2017-07-11

CVE-2004-1939

Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.
Max CVSS
4.3
EPSS Score
0.50%
Published
2004-04-14
Updated
2017-07-11

CVE-2004-1935

Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via onload, onmouseover, and other Javascript events in an e-mail attachment.
Max CVSS
4.3
EPSS Score
0.23%
Published
2004-04-15
Updated
2017-07-11

CVE-2004-1930

Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie.
Max CVSS
4.3
EPSS Score
1.02%
Published
2004-04-12
Updated
2017-07-11

CVE-2004-1924

Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to inject arbitrary web script or HTML via via the (1) theme parameter to tiki-switch_theme.php, (2) find and priority parameters to messu-mailbox.php, (3) flag, priority, flagval, sort_mode, or find parameters to messu-read.php, (4) articleId parameter to tiki-read_article.php, (5) parentId parameter to tiki-browse_categories.php, (6) comments_threshold parameter to tiki-index.php (7) articleId parameter to tiki-print_article.php, (8) galleryId parameter to tiki-list_file_gallery.php, (9) galleryId parameter to tiki-upload_file.php, (10) faqId parameter to tiki-view_faq.php, (11) chartId parameter to tiki-view_chart.php, or (12) surveyId parameter to tiki-survey_stats_survey.php.
Max CVSS
4.3
EPSS Score
0.59%
Published
2004-04-11
Updated
2017-07-11
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close