CVE-2007-2060

Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM...

CVE-2007-0994

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an 1 img, 2 link, or 3 style tag, which...

Design/Logic Flaw

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an 1 img, 2 link, or 3 style tag, which...

CVE-2007-0994

CVE-2007-0994 affects Mozilla Firefox 2.x before 2.0.0.2 and Firefox 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8. A regression in handling HTML mail with javascript: URIs in , (link), or tags could bypass access checks and allow remote JavaScript execution with chro...

CVE-2006-7050

Cross-site scripting XSS vulnerability in WikkaWiki Wikka Wiki before 1.1.6.2 allows remote attackers to inject arbitrary javascript via 1 events in forced links url parameter that are not properly handled in formatters/wakka.php, and possibly 2 other vectors in wikka.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via 1 e-mail messages and 2 the ID parameter to a right.asp, b Forms/MAI/list.asp, and c Forms/VCF/list.asp in mewebmail/base/default/lang/EN/...

CVE-2007-0651

Multiple cross-site scripting XSS vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via 1 e-mail messages and 2 the ID parameter to a right.asp, b Forms/MAI/list.asp, and c Forms/VCF/list.asp in mewebmail/base/default/lang/EN/...

CVE-2006-6978

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

CVE-2006-6977

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

CVE-2006-6978

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

CVE-2006-6977

Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...

DSA-1227-1 mozilla-thunderbird

Bulletin has no description...

CVE-2006-6163

Cross-site scripting XSS vulnerability in tiki-setupbase.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters...

CVE-2006-6163

Cross-site scripting XSS vulnerability in tiki-setupbase.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters...

CVE-2006-5463

Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing...

CVE-2006-5486

Cross-site scripting XSS vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages...

PT-2006-5353 · Microsoft · Internet Explorer 6

Name of the Vulnerable Software and Affected Versions: Internet Explorer 6 version Description: The issue allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server. This can be achieved by hosting script on an Internet we...

[Kil13r-SA-20060628] Hanaro Search Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060628 Hanaro Search Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/22 - Discovery 2006/06/28 - Release Affected version: Not affected version: Description: Hanaro is ISP site, but that has vulnerability. It...

[Kil13r-SA-20060622-1] NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060622-1 NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/21 - Discovery 2006/06/21 - Vendor notification 2006/06/22 - Release Affected version: NetSoft SmartNet 2.0 Not affected version:...

CVE-2006-3014

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet...