Lucene search
+L

7348 matches found

securityvulns
securityvulns
added 2007/05/30 12:0 a.m.24 views

Mozilla multiple addons upgrade weakness

Upgrade mechanism of multiple addons allows upgrade via unsecure HTTP connection without using of SSL/TLS certificates, makeing active man-in-the-middle attacks possible...

2.5AI score
Exploits0References1
securityvulns
securityvulns
added 2007/03/27 12:0 a.m.71 views

Fizzle : Firefox Extension Vulnerability

Fizzle allows feeds to use HTML in feed data resulting in JavaScript being run in the chrome: window with chrome permissions. The extension will convert HTML entities back to their ASCII equivalents thus becomes and so forth. Various feeds fields are vulnerable including the title which allows th...

7.2AI score
Exploits0
nvd
nvd
added 2006/06/06 8:6 p.m.11 views

CVE-2006-2843

PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the 1 REXINCLUDEPATH parameter in a addons/importexport/pages/index.inc.php and b pages/community.inc.php...

7.5CVSS7.6AI score0.03836EPSS
Exploits0References8
prion
prion
added 2006/06/06 8:6 p.m.21 views

Remote file inclusion

PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the 1 REXINCLUDEPATH parameter in a addons/importexport/pages/index.inc.php and b pages/community.inc.php...

7.5CVSS8.1AI score0.03836EPSS
Exploits0References8Affected Software1
nessus
nessus
added 2006/01/15 12:0 a.m.50 views

Ubuntu 4.10 / 5.04 : mozilla vulnerabilities (USN-155-1)

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious website to spoof the contents of other websites. CAN-2005-1937 It was discovered that a malicious website could injec...

7.5CVSS6.3AI score0.68097EPSS
Exploits8References13
nessus
nessus
added 2006/01/15 12:0 a.m.47 views

Ubuntu 5.04 : mozilla-firefox vulnerabilities (USN-149-1)

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious website to spoof the contents of other websites. CAN-2005-1937 In several places the browser user interface did not...

7.5CVSS6.4AI score0.68097EPSS
Exploits9References12
ubuntu
ubuntu
added 2005/08/01 5:47 p.m.63 views

USN-157-1: Mozilla Thunderbird vulnerabilities

Vladimir V. Perepelitsa discovered a bug in Thunderbird's handling of anonymous functions during regular expression string replacement. A malicious HTML email could exploit this to capture a random block of client memory. CAN-2005-0989 Georgi Guninski discovered that the types of certain XPInstal...

7.5CVSS6AI score0.68097EPSS
Exploits7
ubuntu
ubuntu
added 2005/07/27 4:34 a.m.68 views

USN-155-1: Mozilla vulnerabilities

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious web site to spoof the contents of other web sites. CAN-2005-1937 It was discovered that a malicious website could...

7.5CVSS6.3AI score0.68097EPSS
Exploits8
Rows per page
Query Builder