5 matches found
CVE-2019-18840
In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location...
CVE-2009-1408
Cross-site scripting XSS vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using 1 email, 2 img, and 3 url...
CVE-2009-1408
Cross-site scripting XSS vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using 1 email, 2 img, and 3 url...
webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability
No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O PROUD TO BE SPANISH! -------------------...
webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability
Exploit for unknown platform in category web applications =============================================================== webSPELL 4.2.0c Bypass BBCode XSS Cookie Stealing Vulnerability ===============================================================...