CVE & Exploit Intelligence Database

CVE-2003-1498 1 PoC Analysis EPSS 0.01

Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter.

CWE-79 Dec 31, 2003

CVE-2003-1506 1 PoC Analysis EPSS 0.01

Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter.

CWE-79 Dec 31, 2003

CVE-2003-1539 EPSS 0.00

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.

CWE-79 Dec 31, 2003

CVE-2003-1479 EPSS 0.00

Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field.

CWE-79 Dec 31, 2003

CVE-2003-1519 1 PoC Analysis EPSS 0.01

Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program.

CWE-79 Dec 31, 2003

CVE-2003-1420 EPSS 0.00

Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header.

CWE-79 Dec 31, 2003

CVE-2003-1546 EPSS 0.00

Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section.

CWE-79 Dec 31, 2003

CVE-2003-1353 EPSS 0.00

Multiple cross-site scripting (XSS) vulnerabilities in Outreach Project Tool (OPT) 0.946b allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the news field.

CWE-79 Dec 31, 2003

CVE-2003-1372 1 PoC Analysis EPSS 0.01

Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.

CWE-79 Dec 31, 2003

CVE-2003-1384 EPSS 0.01

Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields.

CWE-79 Dec 31, 2003

CVE-2003-1348 1 PoC Analysis EPSS 0.03

Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field.

CWE-79 Dec 31, 2003

CVE-2003-1347 4 PoCs Analysis EPSS 0.01

Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.

CWE-79 Dec 31, 2003

CVE-2003-1370 EPSS 0.00

Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module.

CWE-79 Dec 31, 2003

CVE-2003-1511 1 PoC Analysis EPSS 0.01

Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet.

CWE-79 Dec 31, 2003

CVE-2003-1543 EPSS 0.00

Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message.

CWE-79 Dec 31, 2003

CVE-2003-1549 EPSS 0.01

Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter.

CWE-79 Dec 31, 2003

CVE-2003-1453 1 PoC Analysis EPSS 0.01

Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.

CWE-79 Dec 31, 2003

CVE-2003-0624 1 PoC Analysis EPSS 0.03

Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier allows remote attackers to inject malicious web script via the person parameter.

CWE-79 Dec 01, 2003

CVE-2003-0712 EPSS 0.18

Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.

CWE-79 Nov 17, 2003

CVE-2003-1151 1 PoC Analysis EPSS 0.01

Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page.

CWE-79 Oct 28, 2003