Lucene search

1719 matches found

Prion
added 2009/08/28 3:30 p.m. | 14 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) quantity or (2) Add Engraving fields to the default URI; (3) Quantity field to phpcart.php; (4) Name, (5) Company, (6) Address, (7) City, and (8)...

4.3 CVSS | 6.1 AI score | 0.01022 EPSS
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2009/08/28 3:0 p.m. | 19 views

CVE-2008-7108

Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) quantity or (2) Add Engraving fields to the default URI; (3) Quantity field to phpcart.php; (4) Name, (5) Company, (6) Address, (7) City, and (8)...

5.8 AI score | 0.01022 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2009/08/25 12:0 a.m. | 23 views

TortoiseSVN < 1.5.6 / 1.6.0-1.6.3 Multiple Integer Overflows

Binary data 5139.prm...

8.5 CVSS | 7.3 AI score | 0.05112 EPSS
Exploits 1 | References 4

Tenable Nessus
added 2008/06/24 12:0 a.m. | 27 views

Fedora 9 : gallery2-2.2.5-1.fc9 (2008-5576)

Wed Jun 18 2008 John Berninger - 2.2.5-1 - update to upstream 2.2.5 for security vulns - Tue Apr 22 2008 John Berninger - 2.2.4-4 - update version for tag conflict due to devel build prior to update of cvs checkout Note that Tenable Network Security has extracted the preceding description block...

7.5 CVSS | 5.3 AI score | 0.01698 EPSS
Exploits 0 | References 7

Drupal
added 2008/04/02 12:0 a.m. | 11 views

SA-2008-023 - Ubercart - Cross site scripting

During checkout in Ubercart enabled stores, customers have text fields in which to enter their address and order information. Some stores will have modules enabled that restrict what sort of values are accepted in these fields, but this is not the case for everyone. This provides an opportunity f...

6.5 AI score
Exploits 0 | References 4

seebug.org
added 2007/04/16 12:0 a.m. | 14 views

SunShop Shopping Cart <= 3.5 (abs_path) RFI Vulnerabilities

No description provided by source. sunshop 4 index.php Remote File Include Vulnerability. scripts : SunShop v3.5; Discovered By : irvian; scripts site : http://www.turnkeywebtools.com/sunshop/; Thanks To :...

7.1 AI score
Exploits 0

NVD
added 2006/01/31 11:3 a.m. | 18 views

CVE-2006-0477

Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...

7.5 CVSS | 7.9 AI score | 0.03182 EPSS
Exploits 0 | References 5

Prion
added 2006/01/31 11:3 a.m. | 11 views

Buffer overflow

Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...

7.5 CVSS | 8.5 AI score | 0.03182 EPSS
Exploits 0 | References 5 | Affected Software 1

CVE
added 2006/01/31 11:0 a.m. | 49 views

CVE-2006-0477

CVE-2006-0477 describes a buffer overflow in Git’s git-checkout-index, affecting Git versions prior to 1.1.5. An attacker could cause remote arbitrary code execution by providing an index file containing a long symbolic link. The vulnerability is triggered during index handling by git-checkout-in...

7.5 CVSS | 7.9 AI score | 0.03182 EPSS
Exploits 0 | References 5 | Affected Software 1

Cvelist
added 2006/01/31 11:0 a.m. | 24 views

CVE-2006-0477

Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...

7.9 AI score | 0.03182 EPSS
Exploits 0 | References 5

OSV
added 2004/06/01 4:0 a.m. | 1 views

DEBIAN-CVE-2004-0180

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6 CVSS | 6.9 AI score | 0.01832 EPSS
Exploits 0 | References 1

RedHat Linux
added 2004/04/14 1:59 p.m. | 7 views

security flaw

The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...

2.6 CVSS | 5.9 AI score | 0.01832 EPSS
Exploits 0 | References 4

exploitpack
added 2003/03/20 12:0 a.m. | 11 views

osCommerce 2.12.2 - Checkout_Payment.php Error Output Cross-Site Scripting

osCommerce 2.12.2 - CheckoutPayment.php Error Output Cross-Site Scripting source: https://www.securityfocus.com/bid/7155/info Error output is not sufficiently sanitized of HTML and script code by osCommerce. This may allow for cross-site scripting attacks as remote users could create a malicious...

6.8 AI score
Exploits 0

NVD
added 2002/10/04 4:0 a.m. | 23 views

CVE-2002-1018

The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times...

5 CVSS | 6.6 AI score | 0.02473 EPSS
Exploits 0 | References 3

NVD
added 2002/10/04 4:0 a.m. | 16 views

CVE-2002-1020

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available...

5 CVSS | 6.6 AI score | 0.02269 EPSS
Exploits 0 | References 3

Cvelist
added 2002/08/31 4:0 a.m. | 24 views

CVE-2002-1019

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp...

6.7 AI score | 0.02642 EPSS
Exploits 0 | References 3

CVE
added 2002/08/31 4:0 a.m. | 54 views

CVE-2002-1020

The CVE-2002-1020 entry concerns Adobe Content Server 3.0. The vulnerability arises in the library feature used for the Add to bookbag operation: when the server reports that no more copies are available, a remote attacker can still check out an eBook. This implies an underlying logic flaw where ...

5 CVSS | 7 AI score | 0.02269 EPSS
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2002/08/31 4:0 a.m. | 18 views

CVE-2002-1018

The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times...

6.6 AI score | 0.02473 EPSS
Exploits 0 | References 3

Cvelist
added 2002/08/31 4:0 a.m. | 24 views

CVE-2002-1020

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available...

6.6 AI score | 0.02269 EPSS
Exploits 0 | References 3