31 matches found
UBUNTU-CVE-2024-50614
TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...
CVE-2009-3627
The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...
Design/Logic Flaw
The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...
CVE-2009-3627
The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...
CVE-2009-3627
The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...
CVE-2009-3627
The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Movable Type MT before 3.34 allow remote attackers to inject arbitrary web script or HTML via comments that have 1 a malformed SGML numeric character reference with a '\0' 0x00 character in a javascript: URI or 2 an attribute in an element that...
CVE-2007-3342
Multiple cross-site scripting XSS vulnerabilities in Movable Type MT before 3.34 allow remote attackers to inject arbitrary web script or HTML via comments that have 1 a malformed SGML numeric character reference with a '\0' 0x00 character in a javascript: URI or 2 an attribute in an element that...
CVE-2006-4706
Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.1.7 allows remote attackers to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded space, as demonstrated usin...
CVE-2006-3761
Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode tag, as demonstrated using "javacript"...
CVE-2006-3761
Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode tag, as demonstrated using "javacript"...