WordPress Shockingly Big IE6 Warning plugin <= 1.6.3 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Shockingly Big IE6 Warning versions = 1.6.3...

WordPress plugin Shockingly Big IE6 Warning 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Shockingly Big A cross-site request forgery vulnerability exists in...

PT-2025-4881 · Unknown · Shockingly Big Ie6 Warning

Name of the Vulnerable Software and Affected Versions: Shockingly Big IE6 Warning versions n/a through 1.6.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

SUSE CVE-2011-4345

Cross-site scripting XSS vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie...

CVE-2013-0090

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."...

CVE-2013-0018

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability."...

PT-2011-3356 · Mediawiki · Mediawiki

Cross-site scripting XSS vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction wit...

CVE-2011-1587

Cross-site scripting XSS vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? question mark in a query string,...

PT-2011-3239 · Microsoft +1 · Internet Explorer +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.16.4 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via an uploaded file with a dangerous extension, such as .html, when accessed with a specific quer...

PT-2010-2963 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 8 Description: The issue allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information. An information disclosure vulnerability exists that...

CVE-2010-1991

Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service excessive application launches via an HTML document with many IFRAM...

PT-2009-3202 · Microsoft · Windows Server 2003 +4

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 and 7 on Windows XP SP2 and SP3 Microsoft Internet Explorer versions 6 and 7 on Windows Server 2003 SP1 and SP2 Microsoft Internet Explorer version 7 on Windows Vista Gold and SP1 Microsoft Internet...

PT-2007-4742 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 7 Description: A cross-domain issue allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript. This is achieved by overwriting t...

DEBIAN-CVE-2007-0341

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than...

CVE-2006-3730

Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service crash and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy...

PT-2006-3037 · Microsoft · Outlook +2

Name of the Vulnerable Software and Affected Versions: Internet Explorer 6 for Windows XP SP2 Description: The issue allows remote attackers to modify command line arguments to an invoked mail client via " double quote characters in a mailto: scheme handler. This can be demonstrated by launching...

VulnCheck KEV: CVE-2004-0549

The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine MSHTML, as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as...