CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2002(Cross Site Scripting (XSS))

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2002-1995 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter.
52 CVE-2002-1965 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated via an onerror event in an IMG SRC tag or (2) User-Agent field in an HTTP GET request.
53 CVE-2002-1960 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows remote attackers to inject arbitrary web script or HTML via an HTML link.
54 CVE-2002-1958 79 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field.
55 CVE-2002-1954 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php.
56 CVE-2002-1950 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) the email parameter of add.php or (2) the banner URL (banurl parameter) in the main list.
57 CVE-2002-1931 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the search string.
58 CVE-2002-1929 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 allows remote attackers to inject arbitrary web script or HTML via the query string in the (1) rate, (2) email, or (3) download actions.
59 CVE-2002-1922 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.
60 CVE-2002-1901 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags.
61 CVE-2002-1900 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary web script or HTML via tasklists.
62 CVE-2002-1899 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers to inject arbitrary web script or HTML via the "Full Name" (addressname) parameter.
63 CVE-2002-1894 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.
64 CVE-2002-1893 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message.
65 CVE-2002-1853 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the subject of a newsgroup post, which is not properly handled by (1) myarticles.php, (2) search.php, (3) stats.php, or (4) standard.lib.php.
66 CVE-2002-1852 79 XSS 2002-12-31 2020-03-26
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.
67 CVE-2002-1845 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and 1.41 allows remote attackers to inject arbitrary web script or HTML via the password (passwrd) parameter.
68 CVE-2002-1829 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or (3) a glow tag.
69 CVE-2002-1808 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when creating a topic.
70 CVE-2002-1807 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
71 CVE-2002-1806 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
72 CVE-2002-1805 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
73 CVE-2002-1804 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
74 CVE-2002-1803 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
75 CVE-2002-1802 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news.
76 CVE-2002-1799 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) email parameter to add.php or (2) banurl parameter.
77 CVE-2002-1795 XSS 2002-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
78 CVE-2002-1785 XSS 2002-12-31 2008-09-05
1.9
None Local Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section parameter to index.fcgi.
79 CVE-2002-1733 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post.
80 CVE-2002-1732 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl.
81 CVE-2002-1729 XSS 2002-12-31 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute arbitrary script as other users via the "web site" parameter in a guestbook message.
82 CVE-2002-1727 XSS 2002-12-31 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publisher 1 and 4 allows remote attackers to execute arbitrary script as other users via a URL.
83 CVE-2002-1724 XSS 2002-12-31 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter.
84 CVE-2002-1708 XSS 2002-12-31 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields.
85 CVE-2002-1703 XSS 2002-12-31 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter.
86 CVE-2002-1702 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter.
87 CVE-2002-1700 79 XSS 2002-12-31 2018-10-30
4.3
None Remote Medium Not required None Partial None
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
88 CVE-2002-1685 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.
89 CVE-2002-1683 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function.
90 CVE-2002-1681 Exec Code XSS 2002-12-31 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph <P> tag.
91 CVE-2002-1680 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.
92 CVE-2002-1679 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execute arbitrary script as other users by injecting script into a bulletin board message.
93 CVE-2002-1678 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required Partial None None
Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2.4 allows remote attackers to steal authentication credentials by injecting script into $letterbits.
94 CVE-2002-1662 XSS 2002-12-31 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attackers to execute arbitrary script on other clients via (1) search.php and (2) the "Your name" field during account registration.
95 CVE-2002-1651 79 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitrary web content and steal sensitive information from other clients, possibly due to certain error messages from template pages that use the (1) vformat or (2) vfilter functions.
96 CVE-2002-1649 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in read_body.php in SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary Javascript via a javascript: URL in an IMG tag.
97 CVE-2002-1640 XSS 2002-04-01 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet.
98 CVE-2002-1636 XSS 2002-12-31 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to htp.print.
99 CVE-2002-1453 XSS 2002-08-14 2016-10-18
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message.
100 CVE-2002-1445 XSS 2002-08-12 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page.
Total number of vulnerabilities : 200   Page : 1 2 (This Page)3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.