NetCat.ru NetCat CMS HTML Injection Vulnerability
NetCat.ru NetCat CMS is a content management system. An HTML injection vulnerability exists in NetCat.ru NetCat CMS, which allows remote attackers to exploit the vulnerability by submitting a special request for an HTML injection attack...
Mozilla Thunderbird Linux Gstreamer Plugin H.264 Video Processing Buffer Overflow Vulnerability
Mozilla Thunderbird is a mail tool adapted from the mail widget of the Mozilla browser. The Linux Gstreamer plugin used by Mozilla Thunderbird to handle H.264 suffers from a buffer overflow vulnerability that allows remote attackers to exploit the vulnerability by submitting a special HTML messag...
Mozilla Thunderbird Text Processing Memory Misreference Vulnerability
Mozilla Thunderbird is a mail tool adapted from the mail widget of the Mozilla browser. A memory misreference vulnerability exists in Mozilla Thunderbird's handling of text when vertical text is enabled, which allows remote attackers to exploit the vulnerability by submitting a special HTML email...
Mozilla Thunderbird XML Content Parsing Buffer Overflow Vulnerability
Mozilla Thunderbird is a mail tool adapted from the mail widget of the Mozilla browser. A buffer overflow vulnerability in Mozilla Thunderbird's handling of compressed XML content allows remote attackers to exploit the vulnerability by submitting a specially crafted HTML message that can be trick...
Oracle E-Business Suite suffers from a remote vulnerability (CNVD-2015-02472)
Oracle E-Business Suite is a new-generation e-business suite from Oracle. A remote security vulnerability exists in Oracle E-Business Suite that allows attackers to compromise the 'Configurator DMZ rules' subcomponent in the 'HTTP' protocol...
Apple Mac OS X/iOS CFNetwork HTTPProtocol Cross-Domain Cookie Disclosure Vulnerability
Apple Mac OS X is an operating system developed by Apple Inc. Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A cross-domain cookie disclosure vulnerability in the Apple Mac OS X/iOS CFNetwork HTTPProtocol handling redirection allows attackers to explo...
Barracuda Networks IM Firewall HTML Injection Vulnerability
Barracuda Networks IM Firewall is an instant messaging solution from Barracuda Networks that integrates an IM server, client management and security measures. The solution provides keyword identification and reporting, file transfer, IM traffic identification and logging. An HTML injection...
Barracuda Networks Web Application Firewall 660 HTML Injection Vulnerability
Barracuda Networks Web Application Firewall 660 is a web application firewall from Barracuda Networks. An HTML injection vulnerability exists in the cgi-mod/index.cgi file in the Barracuda Networks Web Application Firewall 660. When a user browses the affected site, their browser will execute...
MyBB MyCode Editor Cross-Site Scripting Vulnerability
MyBB is a PHP-based forum program. A cross-site scripting vulnerability exists in the MyBB editor in versions prior to MyBB 1.8.4, which can be exploited by remote attackers to inject arbitrary Web script or HTML...
ZeusCart Information Disclosure Vulnerability
ZeusCart is an open source shopping system based on PHP and MySQL designed for small and medium-sized online stores. A security vulnerability exists in ZeusCart version 4. A remote attacker can exploit the vulnerability to obtain configuration information by calling the 'phpinfo' function in admi...
CreA8social 'Add Game' Field HTML Injection Vulnerability
CreA8social is a social networking platform. An HTML injection vulnerability exists in the CreA8social 'Add Game' field, where attacker-supplied HTML or JavaScript code can run on the affected site. This allows an attacker to steal cookie-based authentication credentials and control the content...
Multiple HTML Injection Vulnerabilities in MyBB
MyBB is a popular forum program. MyBB suffers from multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can execute the provided HTML and script code in the context of the affected site...
Saurus CMS Multiple Vulnerabilities
Saurus CMS is a content management system. Saurus CMS fails to properly filter user input, allowing attackers to exploit vulnerabilities to conduct cross-site scripting and HTML injection attacks that could obtain sensitive information or hijack user sessions...
IBM Tivoli Endpoint Manager HTML Injection Vulnerability
IBM Tivoli Endpoint Manager provides a unified, real-time visualization and implementation approach to deploying and managing patches to all endpoints. IBM Tivoli Endpoint Manager fails to properly filter user-submitted input, allowing remote attackers to exploit vulnerabilities to inject...
SerVision HVG Video Gateway devices with firmware elevation of privilege vulnerability
SerVision HVG Video Gateway is an intelligent video gateway product from SerVision Israel. An elevation of privilege vulnerability exists in SerVision HVG Video Gateway devices with firmware. It allows an authenticated remote user to gain privileges by exploiting a cookie received in an HTTP...
Multiple HTML Injection Vulnerabilities in FerretCMS
FerretCMS is a content management system. Multiple HTML injection vulnerabilities exist in FerretCMS, which could be exploited by an attacker to execute arbitrary HTML and script code in the context of an affected application...
McAfee Data Loss Prevention Endpoint HTML Injection Vulnerability
McAfee Network Data Loss Prevention monitors network traffic and protects against data loss. An HTML injection vulnerability exists in McAfee Data Loss Prevention Endpoint, which could allow an attacker to execute arbitrary HTML and script code in the context of a user's browser at an affected si...
Siemens Scalance X Switches 'HTTP' Request Denial of Service Vulnerability
Siemens Scalance X Switches are switching devices developed by Siemens. The Siemens Scalance X Switches 'HTTP' request denial of service vulnerability allows an attacker to reboot the affected device and deny service to legitimate users...
Oracle Transportation Management Remote Vulnerability (CNVD-2015-00480)
Oracle Transportation Management is a transportation management system developed by Oracle Corporation. A remote vulnerability in Oracle Transportation Management allows attackers to exploit the 'HTTP' protocol to compromise the 'Security' subcomponent...
Oracle Transportation Management Remote Vulnerability (CNVD-2015-00481)
Oracle Transportation Management is a transportation management system developed by Oracle Corporation. A remote vulnerability in Oracle Transportation Management allows attackers to exploit the 'HTTP' protocol to compromise the 'Security' subcomponent...