Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters.
Max CVSS
4.3
EPSS Score
0.19%
Published
2003-12-31
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.
Max CVSS
4.3
EPSS Score
0.35%
Published
2003-12-31
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.
Max CVSS
4.3
EPSS Score
0.38%
Published
2003-12-31
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script or HTML via the subject parameter.
Max CVSS
4.3
EPSS Score
0.25%
Published
2003-12-31
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section.
Max CVSS
4.3
EPSS Score
0.25%
Published
2003-12-31
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message.
Max CVSS
4.3
EPSS Score
0.40%
Published
2003-12-31
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.
Max CVSS
4.3
EPSS Score
0.16%
Published
2003-12-31
Updated
2008-09-05
Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php.
Max CVSS
4.3
EPSS Score
8.65%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables.
Max CVSS
4.3
EPSS Score
0.39%
Published
2003-12-31
Updated
2018-10-19
Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.
Max CVSS
4.3
EPSS Score
0.39%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page.
Max CVSS
4.3
EPSS Score
0.21%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program.
Max CVSS
4.3
EPSS Score
0.22%
Published
2003-12-31
Updated
2017-07-29
Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp.
Max CVSS
4.3
EPSS Score
0.22%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet.
Max CVSS
4.3
EPSS Score
0.95%
Published
2003-12-31
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter.
Max CVSS
4.3
EPSS Score
0.49%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter.
Max CVSS
4.3
EPSS Score
0.21%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field.
Max CVSS
4.3
EPSS Score
0.39%
Published
2003-12-31
Updated
2017-07-29
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
Max CVSS
4.3
EPSS Score
0.32%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
Max CVSS
4.3
EPSS Score
0.21%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header.
Max CVSS
4.3
EPSS Score
0.18%
Published
2003-12-31
Updated
2022-02-24
Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter.
Max CVSS
4.3
EPSS Score
0.22%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields.
Max CVSS
4.3
EPSS Score
0.91%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
Max CVSS
4.3
EPSS Score
0.48%
Published
2003-12-31
Updated
2017-07-29
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules.
Max CVSS
4.3
EPSS Score
0.47%
Published
2003-12-31
Updated
2017-07-29
Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module.
Max CVSS
4.3
EPSS Score
0.35%
Published
2003-12-31
Updated
2017-07-29
129 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!