Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2339 | Cross-Site Scripting vulnerability in Script Shed Ssgbook 1.0 Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5) image=left, and (6) img=left tags. | 4.3 |
| 2002-12-31 | CVE-2002-2330 | Cross-Site Scripting vulnerability in Uninet Statsplus 1.25 Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to stats.html and executed in client browsers. | 5.0 |
| 2002-12-31 | CVE-2002-2321 | Cross-Site Scripting vulnerability in PHPlinkat 0.1.0 Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | 4.3 |
| 2002-12-31 | CVE-2002-2318 | Cross-Site Scripting vulnerability in Blueface Falcon web Server Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages. | 4.3 |
| 2002-12-31 | CVE-2002-2296 | Cross-Site Scripting vulnerability in Yabb 1Goldsp1 Cross-site scripting (XSS) vulnerability in YaBB.pl in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 allows remote attackers to inject arbitrary web script or HTML via the num parameter. | 4.3 |
| 2002-12-31 | CVE-2002-2278 | Cross-Site Scripting vulnerability in Portail web PHP Portail web PHP 0.99 Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables. | 4.3 |
| 2002-12-31 | CVE-2002-2273 | Cross-Site Scripting vulnerability in Webster Http Server Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows remote attackers to inject arbitrary web script or HTML via the URL. | 4.3 |
| 2002-12-31 | CVE-2002-2260 | Cross-Site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page. | 4.3 |
| 2002-12-31 | CVE-2002-2255 | Cross-Site Scripting vulnerability in PHPbb 2.0.3 Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode. | 4.3 |
| 2002-12-31 | CVE-2002-2246 | Cross-Site Scripting vulnerability in Deerfield Visnetic Website Cross-site scripting (XSS) vulnerability in VisNetic Website before 3.5.15 allows remote attackers to inject arbitrary web script or HTML via the HTTP referer header (HTTP_REFERER) to a non-existent page, which is injected into the resulting 404 error page. | 4.3 |