Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2296 | Cross-Site Scripting vulnerability in Yabb 1Goldsp1 Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 allows remote attackers to inject arbitrary web script or HTML via the num parameter. | 4.3 |
| 2002-12-31 | CVE-2002-2278 | Cross-Site Scripting vulnerability in Portail web PHP Portail web PHP 0.99 Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables. | 4.3 |
| 2002-12-31 | CVE-2002-2273 | Cross-Site Scripting vulnerability in Webster Http Server Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows remote attackers to inject arbitrary web script or HTML via the URL. | 4.3 |
| 2002-12-31 | CVE-2002-2260 | Cross-Site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page. | 4.3 |
| 2002-12-31 | CVE-2002-2255 | Cross-Site Scripting vulnerability in PHPbb 2.0.3 Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode. | 4.3 |
| 2002-12-31 | CVE-2002-2246 | Cross-Site Scripting vulnerability in Deerfield Visnetic Website Cross-site scripting (XSS) vulnerability in VisNetic Website before 3.5.15 allows remote attackers to inject arbitrary web script or HTML via the HTTP referer header (HTTP_REFERER) to a non-existent page, which is injected into the resulting 404 error page. | 4.3 |
| 2002-12-31 | CVE-2002-2231 | Cross-Site Scripting vulnerability in Ikonboard 3.1.1 Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) a javascript: URL in a photo URL or (2) an X-Forwarded-For: header. | 4.3 |
| 2002-12-31 | CVE-2002-2230 | Cross-Site Scripting vulnerability in Ikonboard 3.1.1 Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328. | 4.3 |
| 2002-12-31 | CVE-2002-1958 | Cross-Site Scripting vulnerability in Kmmail 1.0/1.0A/1.0B Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field. | 4.3 |
| 2002-12-31 | CVE-2002-1852 | Cross-Site Scripting vulnerability in Monkey-Project Monkey 0.5.0 Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl. | 4.3 |