2334 matches found
YaBB 9.1.2000 - Cross-Agent Scripting
source: https://www.securityfocus.com/bid/3828/info YaBB Yet Another Bulletin Board is freely available web forums/community software that is written in Perl. YaBB will run on most Unix/Linux variants, MacOS, and Microsoft Windows 9x/ME/NT/2000/XP platforms. YaBB is prone to cross-agent scripting...
DeleGate 7.7.1 - Cross-Site Scripting
DeleGate 7.7.1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3749/info DeleGate is a proxy server which runs on Linux , Unix, Microsoft Windows and OS/2 platforms. It is capable of translating a number of protocolsHTTP, FTP, NNTP, POP, Telnet, etc. between client and server...
CVE-2001-0340
An interaction between the Outlook Web Access OWA service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically...
IBM WebSphere vulnerable to Cross-Site Scripting via passing of user input directly to default error page
Overview Web Servers that use the IBM WebSphere Java Servlet Container 3.5 and earlier are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated...
Apache Tomcat vulnerable to Cross-Site Scripting via passing of user input directly to default error page
Overview Web Servers that use the Apache Tomcat Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from...
PHP 4.x - SafeMode Arbitrary File Execution
PHP 4.x - SafeMode Arbitrary File Execution source: https://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, an...
Microsoft Internet Explorer 5.5 - File Disclosure
Microsoft Internet Explorer 5.5 - File Disclosure source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function...
Bajie WebServer 0.780.90 - Remote Command Execution
Bajie WebServer 0.780.90 - Remote Command Execution source: https://www.securityfocus.com/bid/2388/info It is possible to execute arbitrary commands on a host running Bajie Webserver. A remote user can use Bajie's built-in upload feature to place malicious scripts on Bajie webservers. These...
Bajie WebServer 0.78/0.90 - Remote Command Execution
source: https://www.securityfocus.com/bid/2388/info It is possible to execute arbitrary commands on a host running Bajie Webserver. A remote user can use Bajie's built-in upload feature to place malicious scripts on Bajie webservers. These uploaded scripts are placed in known destination...
CVE-2000-1112
Microsoft Windows Media Player 7 executes scripts in custom skin .WMS files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability...
cuartango-window.txt
Cuartango Window http://pages.whowhere.com/computers/cuartangojc/cuartangow1.html Affected software Microsoft Internet Explorer 4 Risks Your computer is at risk a malicious VBScript can get full control over your system. The VBScript can de everything : delete files, install viruses, read your...
cuartango-msie.txt
Cuartango security Hole http://pages.whowhere.com/computers/cuartangojc/cuartangoh1.html Affected software Microsoft Internet Explorer 4 Microsoft Internet Explorer 5 Preview Risks Major : Your computer files can be sent to a WEB site by a malicious Script if the file name is known. Technical...
Oracle 8 8.1.5 - Intelligent Agent (1)
source: https://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in $ORACLEHOME/bin . This setuid root a...
Security Update for Microsoft Office 2002 (KB956464)
A vulnerability exists in Microsoft Office XP that could allow malicious script to run when you click a hyperlink. This update resolves that vulnerability...