CVE-2007-4040

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2025-30924)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2025-42886

Due to a Reflected Cross-Site Scripting XSS vulnerability in SAP Business Connector, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated victim accesses this link, the injected input is processed during web page generation, resulting in...

EUVD-2007-4022

Malware in sbrugna...

EUVD-2007-3908

Malware in sbrugna...

EUVD-2007-4023

Malware in sbrugna...

EUVD-2007-3938

Malware in sbrugna...

CVE-2007-3954

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are...

CVE-2007-3924

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the...

SUSE CVE-2007-3670

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a 1 FirefoxURL or 2 FirefoxHTM...

ZenPhoto 跨站脚本漏洞

ZenPhoto is a free content management system for photo libraries. The system manages images and supports multimedia such as audio and video. A security vulnerability exists in versions of ZenPhoto prior to 1.6, which can be exploited by an attacker to execute arbitrary scripts on the web browser ...

GHSA-93C7-2942-3H47 ChakraCore information disclosure vulnerability

An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10...

CVE-2018-8315

An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10...

CVE-2018-8315

CVE-2018-8315 is an information-disclosure vulnerability in the browser scripting engine. Affected components include ChakraCore, Internet Explorer 11, Microsoft Edge, and Internet Explorer 10, where improper handling of object types leads to partial confidentiality/integrity impact. The CVE’s ba...

Microsoft Windows Multiple Vulnerabilities (KB4457144)

This host is missing a critical security update according to Microsoft KB4457144. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-11090

An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site...

Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-11843)

A Use-After-Free vulnerability exists in Microsoft browsers. The vulnerability is due to the way the scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user...

Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-08630)

Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A cross-site scripting vulnerability exists in Cybozu Office versions 9.0.0 through 10.4.0. The vulnerability can be exploited to execute arbitrary script in the web browser of a logged-in user...

CVE-2007-4038

Argument injection vulnerability in Mozilla Firefox before 2.0.0.5, when running on systems with Thunderbird 1.5 installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which...

CVE-2007-4039

Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handli...