Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 44499 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0712 1 Microsoft 1 Exchange Server 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.
CVE-2003-0624 1 Bea 1 Weblogic Server 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier allows remote attackers to inject malicious web script via the person parameter.
CVE-2003-0310 1 Ez 1 Ez Publish 2026-06-16 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.
CVE-2002-2424 1 Ekilat Llc 1 Php\(reactor\) 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.
CVE-2002-2422 1 Compaq 1 Insight Management Agent 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message.
CVE-2002-2418 1 Acfp Project 1 Acfreeproxy 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page.
CVE-2002-2386 1 Xoops 1 Xoops 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the SRC attribute of an IMG tag.
CVE-2002-2378 1 Nakata 1 An Httpd 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page.
CVE-2002-2377 1 Sephiroth32 1 Zap Book 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field.
CVE-2002-2376 1 Leung 1 E-guest 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this issue might overlap CVE-2005-1605.
CVE-2002-2364 1 Sourceforge 1 Php Ticket 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a help ticket.
CVE-2002-2362 1 Sourceforge 1 Mymarket 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter.
CVE-2002-2359 1 Mozilla 1 Mozilla 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.
CVE-2002-2358 1 Opera Software 1 Opera Web Browser 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.
CVE-2002-2350 1 Phpoutsourcing 1 Zorum 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.
CVE-2002-2348 1 Authoria 1 Authoria 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter.
CVE-2002-2347 1 Oracle 1 Application Server 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field.
CVE-2002-2343 1 Nocc 1 Nocc 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages.
CVE-2002-2341 1 Sonicwall 1 Soho3 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL.
CVE-2002-2340 1 Phorum 1 Phorum 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a allows remote attackers to inject arbitrary web script or HTML via (1) the t parameter or (2) the body of an email response.