Lucene search
K

874 matches found

NVD
NVD
added 2008/07/30 5:41 p.m.15 views

CVE-2008-3367

Cross-site scripting XSS vulnerability in RTEpopuplink.asp in Web Wiz Rich Text Editor RTE 3.x and 4.x before 4.03 allows remote attackers to inject arbitrary web script or HTML via the email parameter...

4.3CVSS5.7AI score0.01272EPSS
Exploits1References6
CVE
CVE
added 2008/07/30 5:0 p.m.32 views

CVE-2008-3367

CVE-2008-3367 describes a cross-site scripting (XSS) vulnerability in Web Wiz Rich Text Editor (RTE) 3.x and 4.x before 4.03, where attacker-supplied input in the email parameter to RTE_popup_link.asp can inject arbitrary script or HTML. Affected software is the Web Wiz RTE web component; root ca...

4.3CVSS5.7AI score0.01272EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2008/07/29 12:0 a.m.47 views

Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02

Saved - 27-07-2008/13:10:02 .: Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 .: Author CSDT .: Affected versions http://www.webwizguide.com/ - Web Wiz Rich Text Editor RTE 4.02 .: Credit The disclosure of these issues has been credited to autehoker of CSDT...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/07/29 12:0 a.m.27 views

webwiz-xss.txt

Saved - 27-07-2008/13:10:02 .: Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 .: Author CSDT .: Affected versions http://www.webwizguide.com/ - Web Wiz Rich Text Editor RTE 4.02 .: Credit The disclosure of these issues has been credited to autehoker of CSDT...

7.4AI score
Exploits0
Fedora
Fedora
added 2008/06/20 7:10 p.m.31 views

[SECURITY] Fedora 8 Update: xemacs-packages-extra-20070427-2.fc8

XEmacs is a highly customizable open source text editor and application development system. It is protected under the GNU General Public License and related to other versions of Emacs, in particular GNU Emacs. Its emphasis is on modern graphical user interface support and an open software...

6.8CVSS6.4AI score0.03662EPSS
Exploits1
Fedora
Fedora
added 2008/06/20 7:4 p.m.61 views

[SECURITY] Fedora 9 Update: xemacs-packages-extra-20070427-2.fc9

XEmacs is a highly customizable open source text editor and application development system. It is protected under the GNU General Public License and related to other versions of Emacs, in particular GNU Emacs. Its emphasis is on modern graphical user interface support and an open software...

6.8CVSS6.4AI score0.03662EPSS
Exploits1
Prion
Prion
added 2008/04/18 9:5 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source aka picture object source field in the Rich Text Editor...

4.3CVSS6.1AI score0.08017EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2008/04/18 9:5 p.m.17 views

CVE-2008-1888

Cross-site scripting XSS vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source aka picture object source field in the Rich Text Editor...

4.3CVSS5.7AI score0.08017EPSS
Exploits0References4
seebug.org
seebug.org
added 2008/04/11 12:0 a.m.16 views

Microsoft SharePoint服务器图片源码HTML注入漏洞

BUGTRAQ ID: 28706 SharePoint Server是一个服务器功能集成套件,提供全面的内容管理和企业搜索,加速共享业务流程并简化跨界限信息共享。 SharePoint Services 2.0中存在跨站脚本漏洞,在使用文本编辑器添加图片后保存网页时,没有正确地过滤某些字符串。如果用户的浏览器中启用了JavaScript的话,则在用户查看该网页时就会执行图片源码中所嵌入的脚本。 Microsoft Windows SharePoint Services 2.0 Microsoft ---------...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/03/09 12:0 a.m.22 views

Programmer's Notepad ctags栈缓冲区溢出漏洞

BUGTRAQ ID: 28119 Programmer's Notepad是免费的开源文本编辑器。 Programmer's Notepad在处理ctags输出时存在栈溢出漏洞,攻击者可能利用此漏洞控制用户系统。 如果用户受骗打开了特制的.c文件并使用了Jump To对话框的话,就可以触发这个溢出,导致执行任意指令。 pnotepad.org Programmer's Notepad 2.0.6.1 pnotepad.org ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
NVD
NVD
added 2008/01/29 8:0 p.m.16 views

CVE-2008-0481

Directory traversal vulnerability in RTEfilebrowser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\ in the sub parameter in a save action...

5CVSS6.8AI score0.03878EPSS
Exploits1References9
Prion
Prion
added 2008/01/29 8:0 p.m.13 views

Design/Logic Flaw

RTEpopupsavefile.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to upload 1 .html and 2 .htm files via unspecified vectors...

6.4CVSS7.3AI score0.0262EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2008/01/29 7:0 p.m.20 views

CVE-2008-0481

Directory traversal vulnerability in RTEfilebrowser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\ in the sub parameter in a save action...

6.8AI score0.03878EPSS
Exploits1References9
CVE
CVE
added 2008/01/29 7:0 p.m.48 views

CVE-2008-0473

Affected software: Web Wiz Rich Text Editor 4.0. Vulnerable component: RTE_popup_save_file.asp. Vulnerability summary: Remote attackers can upload (1) .html and (2) .htm files via unspecified vectors. Root cause (as stated): likely insufficient validation in the file-upload handling. Impact (as s...

6.4CVSS6.8AI score0.0262EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2008/01/29 7:0 p.m.40 views

CVE-2008-0481

The CVE-2008-0481 entry concerns Web Wiz Rich Text Editor 4.0, where a directory-traversal flaw in RTE_file_browser.asp allows remote listing of arbitrary directories and .txt/.zip files via a malformed path in the sub parameter of a save action. The root cause is a traversal vulnerability in the...

5CVSS6.8AI score0.03878EPSS
Exploits1References9Affected Software1
Packet Storm
Packet Storm
added 2008/01/24 12:0 a.m.37 views

wwrte-traverse.txt

WwW.BugReport.ir AmnPardaz Security Research Team Title: Web Wiz Rich Text EditorTM Vendor: http://www.webwizguide.com/ Bug: Directory traversal + HTM/HTML file creation on the server Vulnerable Version: 4.0 Exploit: Available Fix Available: No! Fast Solution is available. - Description: Web Wiz...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/01/23 12:0 a.m.29 views

Web Wiz Rich Text Editor 4.0 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ Web Wiz Rich Text Editor 4.0 Multiple Remote Vulnerabilities ============================================================ AmnPardaz Security Research Team Title: Web Wiz Rich Tex...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/23 12:0 a.m.29 views

Web Wiz (Multiple Products) - Remote Information Disclosure

source: https://www.securityfocus.com/bid/27419/info Web Wiz Forums, NewsPad, and Rich Text Editor are prone to a remote information-disclosure vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit this issue to retrieve arbitrary files in the context o...

7.4AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2007/12/24 8:46 p.m.2 views

CVE-2007-6522

The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains...

4.3CVSS5.5AI score0.01738EPSS
Exploits1References17
Fedora
Fedora
added 2007/11/17 5:34 a.m.22 views

[SECURITY] Fedora 7 Update: emacs-22.1-5.fc7

Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language elisp, and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for X windows...

6.3CVSS2.7AI score0.00724EPSS
Exploits0
Rows per page
Query Builder