Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.
Max CVSS
6.8
EPSS Score
36.80%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote attackers to execute arbitrary script as other users via (1) the mainnews parameter in admin.php, (2) the expand parameter in admin.php, (3) the id parameter in admin.php, (4) the catid parameter in admin.php, or (5) an unnamed parameter during the newslogo_upload action in admin.php.
Max CVSS
6.8
EPSS Score
2.54%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter.
Max CVSS
6.0
EPSS Score
0.40%
Published
2004-11-23
Updated
2017-10-10
Cross-site scripting (XSS) vulnerability in ViewTopic.php in phpBB, possibly 2.0.6c and earlier, allows remote attackers to execute arbitrary script or HTML as other users via the postorder parameter.
Max CVSS
6.8
EPSS Score
0.54%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be reproduced, so this issue may be REJECTed in the future.
Max CVSS
6.8
EPSS Score
0.70%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument.
Max CVSS
6.8
EPSS Score
1.16%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in done.jsp in WebzEdit 1.9 and earlier allows remote attackers to execute arbitrary script as other users via the message parameter.
Max CVSS
4.3
EPSS Score
0.17%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in LiveJournal 1.0 and 1.1 allows remote attackers to execute Javascript as other users via the stylesheet, which does not strip the semicolon or parentheses, as demonstrated using a background:url.
Max CVSS
6.8
EPSS Score
0.52%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in error.asp in WebCortex WebStores 2000 6.0 allows remote attackers to execute arbitrary script as other users and steal session IDs via the Message_id parameter.
Max CVSS
6.8
EPSS Score
0.56%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.
Max CVSS
6.8
EPSS Score
2.54%
Published
2004-11-23
Updated
2017-07-11
Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote attackers to execute arbitrary web script as other users via (1) the sub_name parameter of dl_showall.asp, (2) the SendTo parameter in Personal Messages, (3) the HTTP_REFERER for down.asp, or (4) the image name of an Avatar in the register form.
Max CVSS
6.8
EPSS Score
0.49%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules.
Max CVSS
6.8
EPSS Score
1.16%
Published
2004-11-23
Updated
2017-07-11
The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting (XSS) issue.
Max CVSS
9.3
EPSS Score
0.52%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag.
Max CVSS
6.8
EPSS Score
1.16%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in rxgoogle.cgi allows remote attackers to execute arbitrary script as other users via the query parameter.
Max CVSS
6.8
EPSS Score
1.16%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum.
Max CVSS
6.8
EPSS Score
1.91%
Published
2004-11-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.
Max CVSS
4.3
EPSS Score
96.20%
Published
2004-11-23
Updated
2020-04-09
17 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!