CVE-2006-5819

Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script...

CVE-2006-5819

CVE-2006-5819 affects Verity Ultraseek up to version 5.7. The flaw resides in the vulnerable highlight script (/highlight/index.html), which allows an unauthenticated remote attacker to proxy web requests, enabling access to internal content, enumerate non-public hosts, and perform cross-site scr...

Verity Ultraseek Request Proxying Vulnerability

This vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spider...

[SA13644] Crystal Enterprise Report File Cross-Site Scripting Vulnerability

TITLE: Crystal Enterprise Report File Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA13644 VERIFY ADVISORY: http://secunia.com/advisories/13644/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Crystal Enterprise 9 http://secunia.com/product/3552/ Cryst...

Mozilla Bonsai - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/5516/info Multiple cross site scripting vulnerabilities have been reported for the Bonsai tool. An attacker may exploit this vulnerability by causing a victim user to follow a malicious link. Attacker-supplied code may execute within the context of the si...