Lucene search
K

288 matches found

Prion
Prion
added 2008/09/27 10:30 a.m.14 views

Design/Logic Flaw

Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker...

6.4CVSS6.6AI score0.03183EPSS
Exploits0References16Affected Software1
Cvelist
Cvelist
added 2008/09/27 12:0 a.m.24 views

CVE-2008-4200

Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker...

8.4AI score0.03183EPSS
Exploits0References16
CVE
CVE
added 2008/09/27 12:0 a.m.49 views

CVE-2008-4200

The provided connected documentation confirms CVE-2008-4200 affects Opera prior to 9.52, where the address field of a news feed may not reflect the feed’s actual URL. This can allow a remote attacker to set the field to display the URL of a page containing script controlled by the attacker, enabl...

6.4CVSS8.4AI score0.03183EPSS
Exploits0References16Affected Software1
NVD
NVD
added 2008/05/28 3:32 p.m.21 views

CVE-2008-2478

scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field aka Email text box. NOTE: the vendor disputes this, stating "I'm unable to...

8.5CVSS7.4AI score0.04213EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2008/05/28 12:0 a.m.5 views

PT-2008-3935 · Cpanel · Cpanel

Name of the Vulnerable Software and Affected Versions: cPanel versions 11.18.6 and earlier, 11.23.1 and earlier Description: The issue allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field. The vendor disputes this...

8.5CVSS7.5AI score0.04213EPSS
Exploits1References9
Prion
Prion
added 2008/02/25 9:44 p.m.12 views

Format string

Format string vulnerability in the logging function in the IM Server aka IMserve or IMserver in Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in ...

3.5CVSS7.4AI score0.06878EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2007/12/17 6:46 p.m.11 views

CVE-2007-6406

Multiple cross-site scripting XSS vulnerabilities in CA formerly Computer Associates eTrust Threat Management Console allow remote attackers to inject arbitrary web script or HTML via the IP Address field and other unspecified fields...

4.3CVSS5.8AI score0.01854EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/12/17 6:0 p.m.18 views

CVE-2007-6406

Multiple cross-site scripting XSS vulnerabilities in CA formerly Computer Associates eTrust Threat Management Console allow remote attackers to inject arbitrary web script or HTML via the IP Address field and other unspecified fields...

5.8AI score0.01854EPSS
Exploits0References4
Rows per page
Query Builder