Zimbra Collaboration Suite script execution vulnerability

Overview Zimbra Collaboration Suite, a web collaboration tool from Zimbra, Inc., contains a vulnerability that could allow a remote attacker to execute an arbitrary script on the user's web browser. Zimbra Collaboration Suite is a web collaboration tool that provides calendar, address book,...

CVE-2008-1081

Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...

ImgSvr 0.6.21 - Error Message Remote Script Execution

source: https://www.securityfocus.com/bid/27033/info ImgSvr is prone to a remote script-execution vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also...

ImgSvr 0.6.21 - Error Message Remote Script Execution

ImgSvr 0.6.21 - Error Message Remote Script Execution source: https://www.securityfocus.com/bid/27033/info ImgSvr is prone to a remote script-execution vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the...

DEBIAN-CVE-2007-0801

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest...

CVE-2007-0801

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest...

cpanel10.txt

A new vulnerability was found in Cpanel V.10; It happen cause the variable &File of the select.html file in the edit-zone just filter the 's labels and the possibility can by open to other labels like Server Side Include, HMTL labels... including Javascript expressed in other ways An attacker can...

ICQ Client Cross-Application Scripting (XAS)

ICQ Client Cross-Application Scripting XAS by [email protected] Severity: Low Potential Impact: Remote script execution ICQ client in some condition is vulnerable to remote script injection into used Internet Explorer in My Computer Security Zone. Detailed description quote...

CoMoblog 1.0 - 'Img.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17201/info CoMoblog is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of ...

CVE-2005-1154

Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."...

security flaw

Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."...

GLSA-200504-23 : Kommander: Insecure remote script execution

The remote host is affected by the vulnerability described in GLSA-200504-23 Kommander: Insecure remote script execution Kommander executes data files from possibly untrusted locations without user confirmation. Impact : An attacker could exploit this to execute arbitrary code with the permission...

security flaw

Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."...

Alstrasoft EPay Pro 2.0 - Remote File Inclusion

source: https://www.securityfocus.com/bid/12973/info EPay Pro is reported prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'view' parameter. An attacker may leverage this...

CVE-2004-1594

Cross-site scripting XSS vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag...

CVE-2004-1690

Cross-site scripting XSS vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL...

CVE-2004-1499

Cross-site scripting XSS vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field...

CVE-2004-1100

Cross-site scripting XSS vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter...

CVE-2004-2128

Cross-site scripting XSS vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll...

CVE-2004-1551

Cross-site scripting XSS vulnerability in the 1 email or 2 file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter...