Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2350 | Cross-Site Scripting vulnerability in PHPoutsourcing Zorum 2.4 Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter. | 4.3 |
2002-12-31 | CVE-2002-2348 | Cross-Site Scripting vulnerability in Authoria Authoriahrsuite Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter. | 4.3 |
2002-12-31 | CVE-2002-2347 | Cross-Site Scripting vulnerability in Oracle Application Server Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field. | 4.3 |
2002-12-31 | CVE-2002-2343 | Cross-Site Scripting vulnerability in Nocc Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. | 4.3 |
2002-12-31 | CVE-2002-2341 | Cross-Site Scripting vulnerability in Sonicwall Soho3 6.3.0.0 Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. | 4.3 |
2002-12-31 | CVE-2002-2340 | Cross-Site Scripting vulnerability in Phorum 3.3.2A Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a allows remote attackers to inject arbitrary web script or HTML via (1) the t parameter or (2) the body of an email response. | 4.3 |
2002-12-31 | CVE-2002-2339 | Cross-Site Scripting vulnerability in Script Shed Ssgbook 1.0 Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5) image=left, and (6) img=left tags. | 4.3 |
2002-12-31 | CVE-2002-2330 | Cross-Site Scripting vulnerability in Uninet Statsplus 1.25 Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to stats.html and executed in client browsers. | 5.0 |
2002-12-31 | CVE-2002-2321 | Cross-Site Scripting vulnerability in PHPlinkat 0.1.0 Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | 4.3 |
2002-12-31 | CVE-2002-2318 | Cross-Site Scripting vulnerability in Blueface Falcon web Server Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages. | 4.3 |