Lucene search
K

106 matches found

Cvelist
Cvelist
added 2007/04/30 11:0 p.m.30 views

CVE-2007-2376

The Dojo framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

6.5AI score0.01557EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2007/04/30 11:0 p.m.45 views

CVE-2007-2383

The Prototype prototypejs framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...

5CVSS6.2AI score0.02374EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2007/04/30 12:0 a.m.5 views

PT-2007-3718 · Yahoo · Yahoo! Ui

Name of the Vulnerable Software and Affected Versions: Yahoo! UI framework affected versions not specified Description: The issue allows remote attackers to obtain data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

5CVSS6.1AI score0.01105EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2007/04/30 12:0 a.m.8 views

PT-2007-3709 · Dojo Foundation · Dojo

Name of the Vulnerable Software and Affected Versions: Dojo framework affected versions not specified Description: The issue concerns the exchange of data using JavaScript Object Notation JSON without proper protection, allowing remote attackers to obtain the data. This is achieved through a web...

5CVSS6.2AI score0.01557EPSS
Exploits0References3
NVD
NVD
added 2006/07/13 12:5 a.m.16 views

CVE-2006-3538

Multiple cross-site scripting XSS vulnerabilities in demo.php in BeatificFaith Eprayer Alpha allow remote attackers to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the 1 "Your name" field and 2 "Enter Prayer Request here" field...

5.8CVSS5.8AI score0.01903EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/07/13 12:0 a.m.16 views

CVE-2006-3538

Multiple cross-site scripting XSS vulnerabilities in demo.php in BeatificFaith Eprayer Alpha allow remote attackers to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the 1 "Your name" field and 2 "Enter Prayer Request here" field...

5.8AI score0.01903EPSS
Exploits1References5
Rows per page
Query Builder