Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 26605 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-0208 1 Php 1 Php 2023-12-10 2.6 LOW N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
CVE-2004-2720 1 Snitz Communications 1 Snitz Forums 2000 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter.
CVE-2006-4038 1 Chaossoft 1 Gaestechaos 2023-12-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gastname or (2) gastwohnort parameters.
CVE-2004-2756 1 Xoops 1 Xoops 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters.
CVE-2006-0140 1 Navboard 1 Navboard 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in post.php in NavBoard V16 Stable(2.6.0) and V17beta2 allows remote attackers to inject arbitrary web script or HTML via the (1) b, (2) textlarge, and (3) url bbcode tags.
CVE-2006-0938 1 Ez 1 Ez Publish 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in eZ publish 3.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the RefererURL parameter.
CVE-2006-2649 1 Cosmicphp 1 Cosmicshoppingcart 2023-12-10 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d) product_details.php in the cosmicshop directory for CosmicShoppingCart allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, as demonstrated by the (1) query parameter in search.php and the (2) data parameter in search_cat.php.
CVE-2002-2359 1 Mozilla 1 Mozilla 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.
CVE-2002-2246 1 Deerfield 1 Visnetic Website 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in VisNetic Website before 3.5.15 allows remote attackers to inject arbitrary web script or HTML via the HTTP referer header (HTTP_REFERER) to a non-existent page, which is injected into the resulting 404 error page.
CVE-2002-2260 1 Mozilla 1 Bugzilla 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page.
CVE-2003-1467 4 Linux, Microsoft, Phorum and 1 more 4 Linux Kernel, All Windows, Phorum and 1 more 2023-12-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2004-1863 1 Xmb Forum 1 Xmb 2023-12-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.php, and (5) an arbitrary parameter in phpinfo.php.
CVE-2002-2273 1 Webster 1 Webster Http Server 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Webster HTTP Server allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2002-2318 1 Blueface 1 Falcon Web Server 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.
CVE-2002-2230 1 Ikonboard 1 Ikonboard 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328.
CVE-2002-2378 1 Nakata 1 An Httpd 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
CVE-2004-0678 1 12planet 1 Chat Server 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remote attackers to execute arbitrary script as other users via the page parameter.
CVE-2002-1852 1 Monkey-project 1 Monkey 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.
CVE-2003-1453 1 Xoops 1 Xoops 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
CVE-2002-1958 1 Kmmail 1 Kmmail 2023-12-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field.