Security Vulnerabilities, CVEs, Published In July 2004 (XSS)

CVE-2004-2064

Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web script via the (1) Email or (2) Website fields.
Max CVSS
4.3
EPSS Score
0.44%
Published
2004-07-29
Updated
2017-07-11

CVE-2004-2055

Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.
Max CVSS
4.3
EPSS Score
0.55%
Published
2004-07-19
Updated
2017-07-11

CVE-2004-0737

Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) sid, (2) max, (3) sel1, (4) sel2, (5) sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (10) mod2, or (11) mod3 parameters.
Max CVSS
7.5
EPSS Score
0.82%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0731

Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field.
Max CVSS
6.8
EPSS Score
0.80%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0730

Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 allow remote attackers to inject arbitrary web script or HTML via (1) the cat_title parameter in index.php, (2) the faq[0][0] parameter in lang_faq.php as accessible from faq.php, or (3) the faq[0][0] parameter in lang_bbcode.php as accessible from faq.php.
Max CVSS
6.8
EPSS Score
1.50%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0725

Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter.
Max CVSS
6.8
EPSS Score
1.05%
Published
2004-07-27
Updated
2020-12-01

CVE-2004-0705

Multiple cross-site scripting (XSS) vulnerabilities in (1) editcomponents.cgi, (2) editgroups.cgi, (3) editmilestones.cgi, (4) editproducts.cgi, (5) editusers.cgi, and (6) editversions.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allow remote attackers to execute arbitrary JavaScript as other users via a URL parameter.
Max CVSS
6.8
EPSS Score
0.46%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0595

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
Max CVSS
6.8
EPSS Score
93.90%
Published
2004-07-27
Updated
2018-10-30
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close