CVE-2020-15811

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the...

CVE-2020-15811

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the...

Digital Arts i-FILTER Cross-Site Scripting Vulnerability

Digital Arts i-FILTER is a server-based Web filtering software from Digital Arts Japan. The software is mainly used to monitor Web access and protect outbound and inbound traffic. A cross-site scripting vulnerability exists in Digital Arts i-FILTER 9.50R05 and earlier versions. A remote attacker...

Cross-Site Scripting Vulnerability in Multiple Moxa Products

Moxa OnCell G3100 and others are IP gateway products from Moxa. A cross-site scripting vulnerability exists in multiple Moxa products, which can be exploited by an attacker to execute arbitrary script code in a user's browser...

Vulnerability of Microsoft Lync Server software, allowing a remote attacker to compromise protected information

A vulnerability that allows access to confidential information exists in Lync Server. This vulnerability is related to the improper processing e.g., filtering of specially crafted content. If exploited successfully, a malicious individual can execute scripts in the user’s browser and gain access ...

TestLink HTML Injection Vulnerability

Testlink is TestLink team developed a PHP-based open source test management tool . The tool provides test requirements management , test case management and test data statistics and other functions . TestLink 1.9.14 version of the existence of HTML injection vulnerability. A remote attacker can...

OCS Inventory NG Cross-Site Scripting Vulnerability

OCS Inventory NG Open Computer and Software Inventory Next Generation is a System Administration software developed by OCS Inventory team. The software helps administrators master computer software installation and configuration, as well as low network traffic communication between HTTP proxies a...

WebsiteBaker vulnerable to cross-site scripting

Overview WebsiteBaker contains a cross-site scripting vulnerability. WebsiteBaker is a content management system CMS. WebsiteBaker contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

Multiple Tor World CGI scripts vulnerable to arbitrary script execution

Overview Multiple Tor World CGI scripts contain a vulnerability which may allow an arbitrary script execution. Tor World provides CGI scripts for implementing search engines, message boards, and other tools. Multiple Tor World CGI scripts contain a vulnerability which may allow an attacker to...