Lucene search
K

96 matches found

CVE
CVE
added 2015/02/19 11:0 a.m.39 views

CVE-2014-6304

CVE-2014-6304 affects PNMsoft Sequence Kinetics—the Form Controls CSS file—where information disclosure enables remote attackers to obtain sensitive source-code information. Public entries indicate impact for Sequence Kinetics versions up to 7.6 (CNVD reference cites 7.5 and earlier; NVD notes vu...

5CVSS6.4AI score0.01173EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/12/11 3:59 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in JBoss RichFaces, as used in JBoss Portal 6.1.1, allows remote attackers to inject arbitrary web script or HTML via crafted URL, which is not properly handled in a CSS file...

4.3CVSS6.1AI score0.00974EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2014/12/11 3:59 p.m.23 views

CVE-2014-7852

Cross-site scripting XSS vulnerability in JBoss RichFaces, as used in JBoss Portal 6.1.1, allows remote attackers to inject arbitrary web script or HTML via crafted URL, which is not properly handled in a CSS file...

4.3CVSS5.7AI score0.00974EPSS
Exploits0References2
CVE
CVE
added 2014/12/11 3:0 p.m.50 views

CVE-2014-7852

The CVE-2014-7852 issue is a cross-site scripting (XSS) vulnerability in JBoss RichFaces used by Red Hat JBoss Portal 6.1.1, where RichFaces accepted arbitrary strings in a URL and returned them unencoded in a CSS file. The Red Hat advisory RHSA-2014:1973 documents that this could enable an attac...

4.3CVSS5.8AI score0.00974EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.8 views

A Forms 1.4.0 - a-forms.php aform_css_file_selector() Function css_file_selection Parameter XSS

The A Forms WordPress plugin was affected by an a-forms.php aformcssfileselector Function cssfileselection Parameter XSS security vulnerability...

2.4AI score
Exploits0Affected Software1
Prion
Prion
added 2011/10/08 2:52 a.m.22 views

Stack overflow

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file...

10CVSS8.7AI score0.04822EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2011/10/08 1:0 a.m.62 views

CVE-2011-0334

CVE-2011-0334 describes a stack-based buffer overflow in gwia.exe, part of Novell GroupWise Internet Agent (GWIA) . The vulnerability occurs when GWIA handles long HTTP requests for certain .css resources, allowing remote attackers to execute arbitrary code. Affected software is GroupWise 8.0 pri...

10CVSS8.2AI score0.04822EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/10/08 1:0 a.m.27 views

CVE-2011-0334

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file...

8AI score0.04822EPSS
Exploits0References3
seebug.org
seebug.org
added 2009/02/03 12:0 a.m.20 views

Groone's Guestbook 2.0 Remote File Inclusion Vulnerability

No description provided by source. GBOOK v2.0 Remote File Include Vulnerability http://www.groonesworld.com/programs/gbook/gbook.zip ======================================================== Author: k3vin mitnick tunisianblackhat team = = Home : http://tunisianblackhat.com & scarface-team.org = =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/09/01 12:0 a.m.16 views

WeBid 0.5.4 Multiple Remote Vulnerabilities

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . ================================ ========================== ==================== |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ ...

7.1AI score
Exploits0
Prion
Prion
added 2006/05/12 12:2 a.m.18 views

Code injection

Jelsoft vBulletin accepts uploads of Cascading Style Sheets CSS and processes them in a way that allows remote authenticated administrators to gain shell access by uploading a CSS file that contains PHP code, then selecting the file via the style chooser, which causes the PHP code to be executed...

6.5CVSS7.9AI score0.03386EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2006/05/12 12:2 a.m.14 views

CVE-2006-2335

Jelsoft vBulletin accepts uploads of Cascading Style Sheets CSS and processes them in a way that allows remote authenticated administrators to gain shell access by uploading a CSS file that contains PHP code, then selecting the file via the style chooser, which causes the PHP code to be executed...

6.5CVSS7.1AI score0.03386EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/05/12 12:0 a.m.17 views

CVE-2006-2335

Jelsoft vBulletin accepts uploads of Cascading Style Sheets CSS and processes them in a way that allows remote authenticated administrators to gain shell access by uploading a CSS file that contains PHP code, then selecting the file via the style chooser, which causes the PHP code to be executed...

7.1AI score0.03386EPSS
Exploits1References4
CVE
CVE
added 2006/05/12 12:0 a.m.51 views

CVE-2006-2335

Jelsoft vBulletin (CSS upload handling) is affected by a vulnerability where uploading a CSS file containing PHP code and selecting it via the style chooser can result in the PHP code being executed. The issue is described as enabling remote authenticated administrators to gain shell access throu...

6.5CVSS7.1AI score0.03386EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2006/02/15 11:0 a.m.27 views

CVE-2005-4717

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service client crash via a certain combination of a malformed HTML file and a CSS file that triggers a null dereferenc...

6.5AI score0.19476EPSS
Exploits1References3
NVD
NVD
added 2005/12/31 5:0 a.m.24 views

CVE-2005-4717

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service client crash via a certain combination of a malformed HTML file and a CSS file that triggers a null dereferenc...

5CVSS6.5AI score0.19476EPSS
Exploits1References3
Rows per page
Query Builder