22 matches found

RedhatCVE
added 2026/01/15 7:24 p.m. | Views: 1

CVE-2025-71164

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...

CVSS: 5.4 | AI score: 5.6 | EPSS: 0.00055
Exploits: 1 | References: 1

NVD
added 2026/01/14 7:16 p.m. | Views: 5

CVE-2025-71164

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...

CVSS: 5.4 | EPSS: 0.00055
Exploits: 1 | References: 3

OSV
added 2026/01/14 7:16 p.m. | Views: 2

CVE-2025-71164

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...

CVSS: 5.4 | AI score: 5.5
Exploits: 0 | References: 3

EUVD
added 2026/01/14 6:27 p.m. | Views: 3

EUVD-2026-2437

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...

CVSS: 4.8 | AI score: 5.1 | EPSS: 0.00055
Exploits: 1 | References: 4

ATTACKERKB
added 2026/01/14 6:27 p.m. | Views: 1

CVE-2025-71164

Typesetter CMS versions up to and including 5.1 contain a reflected cross-site scripting XSS vulnerability in the Editing component. The images parameter submitted as images in a POST request is reflected into an HTML href attribute without proper context-aware output encoding in...

CVSS: 5.4 | AI score: 5.6 | EPSS: 0.00055
Exploits: 1 | References: 4

Positive Technologies
added 2026/01/14 12:0 a.m. | Views: 4

PT-2026-2944

Name of the Vulnerable Software and Affected Versions Typesetter CMS versions up to and including 5.1 Description Typesetter CMS versions up to and including 5.1 have a reflected cross-site scripting XSS issue in the Editing component. The images parameter, submitted as images in a POST request, ...

CVSS: 5.4 | AI score: 5.7 | EPSS: 0.00055
Exploits: 1 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | Views: 2

EUVD-2020-13383

Malware in sbrugna...

CVSS: 6.1 | AI score: 6.3 | EPSS: 0.0033
Exploits: 1 | References: 2

OSV
added 2021/12/22 11:15 p.m. | Views: 7

CVE-2020-20598

A cross-site scripting XSS vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

CVSS: 6.1 | AI score: 6
Exploits: 0 | References: 1

Prion
added 2021/12/22 11:15 p.m. | Views: 12

Cross site scripting

A cross-site scripting XSS vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

CVSS: 4.3 | AI score: 6 | EPSS: 0.0033
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/12/22 10:40 p.m. | Views: 11

CVE-2020-20598

A cross-site scripting XSS vulnerability in the Editing component of lemon V1.10.0 allows attackers to execute arbitrary web scripts or HTML...

AI score: 6 | EPSS: 0.0033
Exploits: 1 | References: 1

CNNVD
added 2021/12/22 12:0 a.m. | Views: 3

Lemon OA cross-site scripting vulnerability

Lemon OA is an open source office OA system developed by XuHuisheng personal developer using the Java language. Lemon OA V1.10.0 version of the Editing component has a security vulnerability that can be exploited by attackers to execute arbitrary web scripts or HTML...

CVSS: 6.1 | AI score: 6 | EPSS: 0.0033
Exploits: 1 | References: 1

Microsoft KB
added 2018/04/17 12:0 a.m. | Views: 183

MS09-046: Vulnerability in the DHTML Editing Component ActiveX control could allow remote code execution

MS09-046: Vulnerability in the DHTML Editing Component ActiveX control could allow remote code execution INTRODUCTION Microsoft has released security bulletin MS09-046. To view the complete security bulletin, visit one of the following Microsoft Web sites: Home users:...

AI score: 6.5
Exploits: 0

OpenVAS
added 2009/09/10 12:0 a.m. | Views: 20

Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)

This host is missing a critical security update according to Microsoft Bulletin MS09-046. OpenVAS Vulnerability Test $Id: secpodms09-046.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability 956844 Authors: Sharath S Copyright: Copyrigh...

CVSS: 9.3 | AI score: 0.6 | EPSS: 0.33983
Exploits: 1 | References: 4

OpenVAS
added 2009/09/10 12:0 a.m. | Views: 39

Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)

This host is missing a critical security update according to Microsoft Bulletin MS09-046. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS: 9.3 | AI score: 5 | EPSS: 0.33983
Exploits: 1 | References: 5

Prion
added 2009/09/08 10:30 p.m. | Views: 13

Design/Logic Flaw

The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component...

CVSS: 9.3 | AI score: 7.7 | EPSS: 0.33983
Exploits: 1 | References: 6 | Affected Software: 2

Check Point Advisories
added 2009/09/08 12:0 a.m. | Views: 1

Microsoft DHTML Editing Component ActiveX Control Code Execution (MS09-046; CVE-2009-2519)

The DHTML Editing Component ActiveX control provides an HTML editor that can be used to support dynamic Web site HTML editing in software. A remote code execution vulnerability has been reported in the DHTML Editing Component ActiveX Control. The vulnerability is due to a memory corruption error ...

CVSS: 9.3 | AI score: 7.2 | EPSS: 0.33983
Exploits: 1

Symantec
added 2009/08/11 12:0 a.m. | Views: 13

Microsoft Active Template Library Object Type Mismatch Remote Code Execution Vulnerability

Description The Microsoft Active Template Library is prone to a remote code-execution vulnerability. NOTE: This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected. Remote attackers can exploit this issue to execute...

AI score: 8
Exploits: 0 | References: 2 | Affected Software: 16

Symantec
added 2009/07/28 12:0 a.m. | Views: 29

Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability in the Active Template Library ATL. Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built against the affected library. Failed exploit...

AI score: 0.2
Exploits: 0 | References: 13 | Affected Software: 28

Symantec
added 2009/07/28 12:0 a.m. | Views: 24

Microsoft Visual Studio ATL 'VariantClear()' Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability in the Active Template Library ATL. Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built with the affected library. Technologies Affected...

AI score: 0.2
Exploits: 0 | References: 10 | Affected Software: 22

Tenable Nessus
added 2005/02/08 12:0 a.m. | Views: 65

MS05-013: Vulnerability in the DHTML Editing Component may allow code execution (891781)

The remote host is running a version of Windows which contains a flaw in the DHTML Editing Component ActiveX Control. An attacker could exploit this flaw to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious web page and lure a victim...

CVSS: 5 | AI score: 6.2 | EPSS: 0.31297
Exploits: 1 | References: 2