194 matches found
Apple Safari / Konqueror SCRIPT tag filtering bypass
Brower follows script tags within HTML comment. It violates HTML standard...
DEBIAN-CVE-2006-2783
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark BOM from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting XSS attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT...
FlatNuke 2.5.5 - 'structure.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/14483/info FlatNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to inject html and script code into...
Solaris 7 (sparc) : 108414-07
SunOS 5.7: /usr/bin/cpio patch. Date this patch was last updated by Sun : Sep/27/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
DEBIAN-CVE-2002-0738
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by 1 splitting the SCRIPT tag into smaller pieces, 2 including the script in a SRC argument to an IMG tag, or 3 using "&=script" syntax...
CVE-2001-0807
The provided records indicate CVE-2001-0807 affects Internet Explorer 5.0 (and possibly other versions). The vulnerability allows a remote attacker from a malicious web page to read known text files from a client’s hard drive by using a SCRIPT tag with a SRC attribute that points to the local tex...
CVE-2001-0807
Internet Explorer 5.0, and possibly other versions, may allow remote attackers malicious web pages to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file...
CVE-2001-0520
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including 1 onload in the BODY tag, 2 href in the A tag, 3 the BUTTON tag, 4 the INPUT tag, or 5 any other tag in which scripts can be...
CVE-2001-0520
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including 1 onload in the BODY tag, 2 href in the A tag, 3 the BUTTON tag, 4 the INPUT tag, or 5 any other tag in which scripts can be...
Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Command Execution
!/usr/bin/perl Remote sploit for Netscape Enterprise Server 4.0/sparc/SunOS 5.7 usage: ns-shtml.pl 'command line' | nc victim port Sometimes server may hang or coredump.. eek ;- [email protected] $cmdline="echo 'ingreslock stream tcp nowait root /bin/sh sh -i' /tmp/bob; /usr/sbin/inetd -s...
thong.pl
Written by hypoclear - http://hypoclear.cjb.net Thong-th-thong-th-thong.pl AKA thong.pl is a PERL script which automates several attacks against various Cisco products. To be specific: 12-13-00 - Cisco Catalyst ssh Protocol Mismatch DoS Vulnerability 11-28-00 - Cisco 675 Web Administration Denial...
Локальная дырка в IIS (.ASP buffer overflow)
Длинный параметр LANGUAGE тага SCRIPT приводит к переполнению буфера на сервере, что позволяет локальному пользователю получить привилегии системы. В сочетании с другими ошибками может привести к удаленной атаке...
CVE-2000-0116
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra in front of the SCRIPT tag...
Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass
source: https://www.securityfocus.com/bid/954/info Firewall-1 includes the ability to alter script tags in HTML pages before passing them to the client's browser. This alteration invalidates the tag, rendering the script unexecutable by the browser. In version 3, this function can be bypassed by...