Lucene search
+L

9742 matches found

securityvulns
securityvulns
added 2007/02/20 12:0 a.m.61 views

MediaWiki Cross-site Scripting

MediaWiki Cross-site Scripting Vulnerabilities. Date: 18/02/2007 Vendor: MediaWiki Vulnerable versions: MediaWiki 1.9.2 latest and below. Description: MediaWiki v1.8.2 and below are vulnerable to plain Cross-site scripting attack by expliting the experimental AJAX features, if enabled default. Th...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/02/19 12:0 a.m.47 views

MediaWiki Cross-site Scripting

MediaWiki Cross-site Scripting Vulnerabilities. Date: 18/02/2007 Vendor: MediaWiki Vulnerable versions: MediaWiki 1.9.2 latest and below. Description: MediaWiki v1.8.2 and below are vulnerable to plain Cross-site scripting attack by expliting the experimental AJAX features, if enabled default. Th...

Exploits0
RedHat Linux
RedHat Linux
added 2007/01/22 7:40 p.m.5 views

security flaw

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the 1 FDF, 2 XML, or 3 XFDF AJAX request parameters...

7.5CVSS6.2AI score0.55677EPSS
Exploits1References4
seebug.org
seebug.org
added 2007/01/14 12:0 a.m.21 views

MediaWiki AJAX未明跨站脚本漏洞

MediaWiki AJAX是一款著名的wiki知识库引擎。 MediaWiki AJAX不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 目前没有详细漏洞细节提供。 MediaWiki MediaWiki 1.8.2 MediaWiki MediaWiki 1.8.1 MediaWiki MediaWiki 1.8 MediaWiki MediaWiki 1.7.1 MediaWiki MediaWiki 1.7 MediaWiki MediaWiki 1.6.8 MediaWiki MediaWiki 1.6.7 MediaWiki MediaWiki...

7.1AI score
Exploits0
myhack58
myhack58
added 2007/01/12 12:0 a.m.30 views

Ajax hacking (Monyer)-vulnerability warning-the black bar safety net

Author: dream light In the tenth period published the Ajax hacking, the users give me feedback onXSSthe technical aspects of the problem mainly by the following several. For what in Ajax hacking, withXSS for? It with the traditionalXSSwhat's the difference? They each have what the pros and cons o...

6.9AI score
Exploits0
Prion
Prion
added 2007/01/11 12:28 a.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.1CVSS5.8AI score0.03333EPSS
Exploits0References12Affected Software1
NVD
NVD
added 2007/01/11 12:28 a.m.24 views

CVE-2007-0177

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.1CVSS5.5AI score0.03333EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2007/01/11 12:28 a.m.21 views

CVE-2007-0177

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.1CVSS6.1AI score0.03333EPSS
Exploits0References1
OSV
OSV
added 2007/01/11 12:28 a.m.8 views

CVE-2007-0177

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.5AI score
Exploits0References18
OSV
OSV
added 2007/01/11 12:28 a.m.5 views

DEBIAN-CVE-2007-0177

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.1CVSS5.7AI score0.03333EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/01/11 12:0 a.m.29 views

CVE-2007-0177

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4AI score0.03333EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2007/01/11 12:0 a.m.37 views

CVE-2007-0177

Cross-site scripting XSS vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1.7.2, 1.8 before 1.8.3, and 1.9 before 1.9.0rc2, when wgUseAjax is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.1CVSS5.6AI score0.03333EPSS
Exploits0
securityvulns
securityvulns
added 2007/01/04 12:0 a.m.2773 views

Hacking AJAX DWR Applications

By Guy Karlebach & Amichai Shulman Introduction The introduction of AJAX into a web application improves the user experience significantly. However, the complexity of some AJAX frameworks and the limited field experience with them requires a careful examination of potential vulnerabilities. DWR i...

0.1AI score
Exploits0
Prion
Prion
added 2007/01/03 9:28 p.m.23 views

Cross site request forgery (csrf)

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the 1 FDF, 2 xml, and 3 xfdf AJAX request parameters, following the hash character, aka...

4.3CVSS6.7AI score0.55472EPSS
Exploits1References15Affected Software2
Prion
Prion
added 2007/01/03 9:28 p.m.21 views

Crlf injection

CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the...

6.8CVSS6.9AI score0.08802EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2007/01/03 9:28 p.m.28 views

Double free

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the 1 FDF, 2 XML, or 3 XFDF AJAX request parameters...

7.5CVSS7.5AI score0.55677EPSS
Exploits1References20Affected Software1
UbuntuCve
UbuntuCve
added 2007/01/03 9:28 p.m.38 views

CVE-2007-0046

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the 1 FDF, 2 XML, or 3 XFDF AJAX request parameters...

7.5CVSS6AI score0.55677EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2007/01/03 9:28 p.m.30 views

CVE-2007-0045

Multiple cross-site scripting XSS vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770...

4.3CVSS5.9AI score0.45537EPSS
Exploits2References1
Cvelist
Cvelist
added 2007/01/03 8:0 p.m.30 views

CVE-2007-0046

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the 1 FDF, 2 XML, or 3 XFDF AJAX request parameters...

7.2AI score0.55677EPSS
Exploits1References20
Cvelist
Cvelist
added 2007/01/03 8:0 p.m.35 views

CVE-2007-0045

Multiple cross-site scripting XSS vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770...

5.3AI score0.45537EPSS
Exploits2References44
Rows per page
Query Builder