Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2273 | Cross-Site Scripting vulnerability in Webster Http Server Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows remote attackers to inject arbitrary web script or HTML via the URL. | 4.3 |
2002-12-31 | CVE-2002-2260 | Cross-Site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page. | 4.3 |
2002-12-31 | CVE-2002-2255 | Cross-Site Scripting vulnerability in PHPbb 2.0.3 Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode. | 4.3 |
2002-12-31 | CVE-2002-2246 | Cross-Site Scripting vulnerability in Deerfield Visnetic Website Cross-site scripting (XSS) vulnerability in VisNetic Website before 3.5.15 allows remote attackers to inject arbitrary web script or HTML via the HTTP referer header (HTTP_REFERER) to a non-existent page, which is injected into the resulting 404 error page. | 4.3 |
2002-12-31 | CVE-2002-2231 | Cross-Site Scripting vulnerability in Ikonboard 3.1.1 Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) a javascript: URL in a photo URL or (2) an X-Forwarded-For: header. | 4.3 |
2002-12-31 | CVE-2002-2230 | Cross-Site Scripting vulnerability in Ikonboard 3.1.1 Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328. | 4.3 |
2002-12-31 | CVE-2002-1958 | Cross-Site Scripting vulnerability in Kmmail 1.0/1.0A/1.0B Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field. | 4.3 |
2002-12-31 | CVE-2002-1852 | Cross-Site Scripting vulnerability in Monkey-Project Monkey 0.5.0 Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl. | 4.3 |
2002-12-31 | CVE-2002-1700 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message. | 4.3 |
2002-12-31 | CVE-2002-1651 | Cross-Site Scripting vulnerability in Verity Search97 2.1 Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitrary web content and steal sensitive information from other clients, possibly due to certain error messages from template pages that use the (1) vformat or (2) vfilter functions. | 4.3 |