Lucene search
+L

116 matches found

Prion
Prion
added 2008/02/12 3:0 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including 1 a backspace character that is treated as...

4.3CVSS5.7AI score0.0162EPSS
Exploits1References26Affected Software3
Cvelist
Cvelist
added 2008/02/12 2:0 a.m.24 views

CVE-2008-0416

Multiple cross-site scripting XSS vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including 1 a backspace character that is treated as...

5.4AI score0.0162EPSS
Exploits1References26
NVD
NVD
added 2007/12/12 12:46 a.m.23 views

CVE-2007-6318

SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DBCHARSET is set to 1 Big5, 2 GBK, or possibly other character set encodings that support a "" in a multibyte character...

6.8CVSS10AI score0.09156EPSS
Exploits2References12
0day.today
0day.today
added 2007/12/11 12:0 a.m.33 views

Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================= Wordpress Affected version: WordPress = 2.3.1 Exploit type: Remote Risk: Moderate CVE: pending 1. Summary 2. Detail 3. Proof of concept 4. Workaround 1. Summary Quoting from...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/11 12:0 a.m.49 views

WordPress Core 2.3.1 - Charset SQL Injection

=== WordPress Charset SQL Injection Vulnerability === Release date: 2007-12-10 Last modified: 2007-12-12 Source: Abel Cheung Affected version: WordPress = 2.3.1 Exploit type: Remote Risk: Moderate CVE: pending Reference: http://www.abelcheung.org/advisory/20071210-wordpress-charset.txt 1. Summary...

7.4AI score
Exploits0
Prion
Prion
added 2007/09/17 5:17 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in ipskernel/classajax.php in Invision Power Board IPB or IP.Board 2.3.1 up to 20070912 allows remote attackers to inject arbitrary web script or HTML into user profile fields via unspecified vectors related to character sets other than iso-8859-1 or utf-8...

4.3CVSS6.1AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/09/17 5:0 p.m.21 views

CVE-2007-4912

Cross-site scripting XSS vulnerability in ipskernel/classajax.php in Invision Power Board IPB or IP.Board 2.3.1 up to 20070912 allows remote attackers to inject arbitrary web script or HTML into user profile fields via unspecified vectors related to character sets other than iso-8859-1 or utf-8...

5.6AI score0.01065EPSS
Exploits0References5
NVD
NVD
added 2007/07/03 6:30 p.m.13 views

CVE-2007-3527

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

6.8CVSS6.5AI score0.01556EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2007/07/03 6:30 p.m.30 views

CVE-2007-3527

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

6.8CVSS6AI score0.01556EPSS
Exploits0References1
Prion
Prion
added 2007/07/03 6:30 p.m.19 views

Integer overflow

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

6.8CVSS6.8AI score0.01556EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/07/03 6:0 p.m.22 views

CVE-2007-3527

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

6.5AI score0.01556EPSS
Exploits0References6
CVE
CVE
added 2007/07/03 6:0 p.m.53 views

CVE-2007-3527

CVE-2007-3527 : Firebird 2.0.0 contains an integer overflow that can be triggered by certain multi-byte character set operations, allowing remote authenticated users to cause a denial of service via CPU consumption due to an infinite loop when a 16-bit integer is set to 65536. The vulnerability a...

6.8CVSS6.5AI score0.01556EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/05/11 4:20 a.m.17 views

CVE-2007-1262

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

4.3CVSS5.5AI score0.0253EPSS
Exploits1References24
Prion
Prion
added 2007/05/11 4:20 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

4.3CVSS5.5AI score0.0253EPSS
Exploits1References24Affected Software1
UbuntuCve
UbuntuCve
added 2007/05/11 4:20 a.m.27 views

CVE-2007-1262

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

4.3CVSS5.9AI score0.0253EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2007/05/09 12:0 a.m.39 views

squirrelmail -- Cross site scripting in HTML filter

The SquirrelMail developers report: Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that a...

4.3CVSS5.6AI score0.0253EPSS
Exploits1References1
securityvulns
securityvulns
added 2006/06/08 12:0 a.m.35 views

PostgreSQL / MySQL extended character sets SQL injections

It's possible to use character different from quote sign in different encodings...

2.6AI score
Exploits0References3Affected Software1
NVD
NVD
added 2006/06/01 5:2 p.m.20 views

CVE-2006-2753

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...

7.5CVSS7.8AI score0.03536EPSS
Exploits0References26
Prion
Prion
added 2006/06/01 5:2 p.m.30 views

Sql injection

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...

7.5CVSS8.1AI score0.03536EPSS
Exploits0References26Affected Software1
UbuntuCve
UbuntuCve
added 2006/06/01 5:2 p.m.34 views

CVE-2006-2753

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...

7.5CVSS6.1AI score0.03536EPSS
Exploits0References3
Rows per page
Query Builder