Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link.
Source: MITRE
Max CVSS
5.1
EPSS Score
0.58%
Published
2002-12-31
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
Source: MITRE
Max CVSS
4.3
EPSS Score
1.53%
Published
2002-12-31
Updated
2016-10-18
Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL.
Source: MITRE
Max CVSS
4.3
EPSS Score
17.19%
Published
2002-12-31
Updated
2021-07-23
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Source: MITRE
Max CVSS
4.3
EPSS Score
4.15%
Published
2002-12-31
Updated
2008-09-05
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
Source: MITRE
Max CVSS
4.3
EPSS Score
1.15%
Published
2002-12-31
Updated
2018-10-30
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource.
Source: MITRE
Max CVSS
6.8
EPSS Score
3.18%
Published
2002-12-11
Updated
2021-07-23
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allow remote attackers to execute HTML script as other users through (1) a certain ASP file in the IISHELP virtual directory, or (2) possibly other unknown attack vectors.
Source: MITRE
Max CVSS
6.8
EPSS Score
2.71%
Published
2002-11-12
Updated
2020-11-23
Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189.
Source: MITRE
Max CVSS
7.5
EPSS Score
1.35%
Published
2002-09-24
Updated
2021-07-23
Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.
Source: MITRE
Max CVSS
7.5
EPSS Score
2.15%
Published
2002-05-29
Updated
2021-07-23
Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.
Source: MITRE
Max CVSS
7.5
EPSS Score
1.50%
Published
2002-05-29
Updated
2021-07-23
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
Source: MITRE
Max CVSS
7.5
EPSS Score
20.62%
Published
2002-05-29
Updated
2021-07-23
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."
Source: MITRE
Max CVSS
7.5
EPSS Score
0.61%
Published
2002-07-03
Updated
2018-10-12
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page.
Source: MITRE
Max CVSS
7.5
EPSS Score
40.36%
Published
2002-04-22
Updated
2020-11-23
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
Source: MITRE
Max CVSS
7.5
EPSS Score
6.76%
Published
2002-04-22
Updated
2020-11-23
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
Source: MITRE
Max CVSS
7.5
EPSS Score
8.52%
Published
2002-04-22
Updated
2020-11-23
15 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!