Lucene search
+L

94 matches found

seebug.org
seebug.org
added 2007/08/24 12:0 a.m.35 views

Bugzilla多个远程安全漏洞

BUGTRAQ ID: 25420 Bugzilla是很多软件项目都在使用的基于Web的bug跟踪系统。 Bugzilla的实现上存在多个远程安全漏洞,远程攻击者可能利用这些漏洞在服务器上执行恶意命令或导致信息泄露。 在归档bug的时候Bugzilla没有正确地转义指导表单中的buildid字段,这可能允许用户通过向enterbug.cgi提交恶意URL覆盖User-Agent字符串,执行跨站脚本攻击。...

6.9AI score
Exploits0
Prion
Prion
added 2007/08/13 7:17 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01263EPSS
Exploits0References7Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/08/10 12:0 a.m.10 views

JVN#66303599 WebCart cross-site scripting vulnerability

WebCart provided by CGI's is shopping cart software. WebCart's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version provided by the vendor. For more...

6.6AI score
Exploits0
Cvelist
Cvelist
added 2006/05/16 10:0 a.m.34 views

CVE-2006-2420

Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows remote attackers to conduct cross-site scripting XSS attacks via a title element with HTML encoded sequences such as "", which are automatically decoded by some RSS readers. NOTE: this issue is not in Bugzilla itself, but rather...

5.6AI score0.01537EPSS
Exploits0References6
CVE
CVE
added 2006/02/28 11:0 a.m.59 views

CVE-2006-0913

CVE-2006-0913 describes an SQL injection in the Bugzilla component for the web front end. The vulnerability affects Bugzilla versions 2.17 through 2.18.4 and 2.20, where remote authenticated users with administrative privileges can exploit the flaw via the whinedays parameter exposed from editpar...

5.5CVSS7.8AI score0.01018EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/02/28 11:0 a.m.32 views

CVE-2006-0916

Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain...

6AI score0.01175EPSS
Exploits0References7
Cvelist
Cvelist
added 2005/09/16 4:0 a.m.21 views

CVE-2005-2947

Buffer overflow in KillProcess 2.20 and earlier allows user-assisted attackers to execute arbitrary code via an exe file with a long FileDescription in the version resource...

7.8AI score0.02451EPSS
Exploits1References4
CVE
CVE
added 2005/09/16 4:0 a.m.40 views

CVE-2005-2947

CVE-2005-2947 describes a buffer overflow in KillProcess version 2.20 and earlier, triggered by an executable file containing a long FileDescription in the version resource. The vulnerability can allow user‑assisted attackers to execute arbitrary code. The provided connected documents do not spec...

5.1CVSS8.1AI score0.02451EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2005/03/22 5:0 a.m.29 views

CVE-2005-0838

Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via 1 a long test value in an xsl:when tag, 2 a long test value in an xsl:if tag, or 3 a long select value in an xsl:value-of tag...

7.5CVSS7.5AI score0.09448EPSS
Exploits1
Debian CVE
Debian CVE
added 2005/03/22 5:0 a.m.23 views

CVE-2005-0837

IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . dot...

5CVSS6.4AI score0.0245EPSS
Exploits1
exploitpack
exploitpack
added 2005/03/18 12:0 a.m.18 views

Icecast 2.x - XSL Parser Multiple Vulnerabilities

Icecast 2.x - XSL Parser Multiple Vulnerabilities source: https://www.securityfocus.com/bid/12849/info Icecast is reported prone to multiple vulnerabilities. The following individual issues are reported: Icecast XSL parser is reported to be prone to a buffer overflow vulnerability. This issue...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2005/03/18 12:0 a.m.24 views

Icecast 2.x - XSL Parser Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/12849/info Icecast is reported prone to multiple vulnerabilities. The following individual issues are reported: Icecast XSL parser is reported to be prone to a buffer overflow vulnerability. This issue exists due to a lack of sufficient boundary checks...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.19 views

thttpd < 2.20 Arbitrary World-Readable File Disclosure

Binary data 2120.prm...

7.5CVSS7.3AI score0.02022EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 1970/01/01 12:0 a.m.4 views

PT-2009-6742 · Gnome +1 · Glib2-Debuginfo +8

Name of the Vulnerable Software and Affected Versions: GLib versions prior to 2.20 glib2-devel versions prior to 2.12.3 glib2-debuginfo versions prior to 2.12.3 libgio-2 0-0 versions prior to 2.20 libgmodule-2 0-0 versions prior to 2.20 libgobject-2 0-0 versions prior to 2.20 libgthread-2 0-0...

4.6CVSS7.7AI score0.00494EPSS
Exploits1References102
Rows per page
Query Builder