Lucene search
K

1063 matches found

Exploit DB
Exploit DB
added 2006/02/11 12:0 a.m.28 views

ImageVue 0.16.1 - 'index.php?bgcol' Cross-Site Scripting

source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection. Successful exploitation could allow attackers to upload an...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/11 12:0 a.m.25 views

ImageVue 0.16.1 - 'readfolder.php?path' Arbitrary Directory Listing

source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection. Successful exploitation could allow attackers to upload an...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/11 12:0 a.m.22 views

ImageVue 0.16.1 - 'dir.php' Folder Permission Disclosure

source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection. Successful exploitation could allow attackers to upload an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/02/11 12:0 a.m.31 views

ImageVue 0.16.1 - 'upload.php' Unrestricted Arbitrary File Upload

source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection. Successful exploitation could allow attackers to upload an...

7AI score
Exploits0
exploitpack
exploitpack
added 2006/01/24 12:0 a.m.40 views

123 Flash Chat 5.0 - Remote Code Injection

123 Flash Chat 5.0 - Remote Code Injection source: https://www.securityfocus.com/bid/16360/info 123 Flash Chat is prone to an arbitrary code injection weakness. An attacker can influence the value of a variable that is insecurely passed to an 'eval' call. Successful exploitation may allow attacke...

8.2AI score
Exploits0
exploitpack
exploitpack
added 2005/11/28 12:0 a.m.27 views

PHP Web Statistik 1.4 - Content Injection

PHP Web Statistik 1.4 - Content Injection source: https://www.securityfocus.com/bid/15603/info PHP Web Statistik is prone to multiple content injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The vulnerabilities could allow f...

7.7AI score
Exploits0
Exploit DB
Exploit DB
added 2005/11/28 12:0 a.m.26 views

PHP Web Statistik 1.4 - Content Injection

source: https://www.securityfocus.com/bid/15603/info PHP Web Statistik is prone to multiple content injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The vulnerabilities could allow for HTML injection and cross-site scripting...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2004/12/10 5:0 a.m.17 views

CVE-2004-1155

Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection"...

6.7AI score0.12585EPSS
Exploits1References6
FreeBSD
FreeBSD
added 2004/12/08 12:0 a.m.38 views

web browsers -- window injection vulnerabilities

A Secunia Research advisory reports: Secunia Research has reported a vulnerability in multiple browsers, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is...

7.5CVSS1.6AI score0.0272EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.30 views

Mozilla Thunderbird < 2.0.0.22 Multiple Vulnerabilities

Binary data 5001.prm...

9.3CVSS7.3AI score0.09282EPSS
Exploits9References20
Cvelist
Cvelist
added 2004/07/23 4:0 a.m.28 views

CVE-2004-0720

Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability...

6.5AI score0.01258EPSS
Exploits0References3
exploitpack
exploitpack
added 2002/04/21 12:0 a.m.14 views

vqServer 1.9.x - CGI Demo Program Script Injection

vqServer 1.9.x - CGI Demo Program Script Injection source: https://www.securityfocus.com/bid/4573/info vqServer is a HTTP server implemented in Java. vqServer is available on any architecture supporting Java, including Linux and Microsoft Windows. Reportedly, numerous default CGI scripts included...

0.5AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.28 views

Security Update For Exchange Server 2016 CU7 (KB4045655)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

1.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.17 views

Security Update For Exchange Server 2019 CU1 (KB4503027)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

1.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.9 views

Security Update For Exchange Server 2016 CU12 (KB4503027)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

1.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.9 views

Security Update For Exchange Server 2016 CU11 (KB4503027)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

1.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.7 views

Security Update For Exchange Server 2019 (KB4503027)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

1.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.15 views

Security Update For Exchange Server 2019 CU1 (KB4487563)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.16 views

Security Update For Exchange Server 2013 CU22 (KB4487563)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.10 views

Security Update For Exchange Server 2016 CU12 (KB4487563)

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access OWA fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive...

7AI score
Exploits0
Rows per page
Query Builder