113 matches found
CVE-2015-0870
Cross-site scripting XSS vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before 2.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-0870
CVE-2015-0870 affects Nishishi Factory’s Fumy News Clipper (2.x) prior to 2.5.0. The issue is a cross-site scripting vulnerability in the hb.cgi component that allows remote attackers to inject arbitrary script/HTML via unspecified vectors. Affected versions include 2.x up to (and including) 2.4....
Fumy News Clipper vulnerable to cross-site scripting
Overview Fumy News Clipper provided by Nishishi Factory contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...
JVN#33735535: Fumy News Clipper vulnerable to cross-site scripting
Fumy News Clipper is a weblog system. Fumy News Clipper contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...
doc2dash (=1.2.0), document-clipper (>=0.9.0 <=0.13.6) +1 more potentially affected by CVE-2014-3146 via lxml (>=3.2.3 <=3.3.2)
lxml PYPI version =3.2.3, =0.9.0, =0.13.6 - rymtracks =0.1.2 Source cves: CVE-2014-3146 Source advisory: OSV:PYSEC-2014-9...
CVE-2001-0593
Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' dot dot attack in the template parameter...
CVE-2001-0593
The CVE-2001-0593 entry affects Anaconda Partners Clipper 3.3 and earlier, where a directory traversal via the template parameter allows a remote attacker to read arbitrary files. The vulnerability is rooted in a dot-dot (.. ) path traversal in the template handling, enabling file disclosure with...
CVE-2001-0593
Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' dot dot attack in the template parameter...
Ananconda Partners Clipper anacondaclip.pl Traversal Arbitrary File Access
The CGI script 'anacondaclip', which comes with anacondaclip.pl, is installed on this machine. This CGI has a well-known security flaw that allows an attacker to read arbitrary files on the remote system with the privileges of the HTTP daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable...
Дырка в Anaconda Clipper (directory traversal)
Обратный путь в директориях...
advisory
---=== UkR security team - Advisory no. 11 ===--- Anaconda Clipper - 'arbitrary file retreival' vulnerability Date: 27.03.2001 Problem: input validation error. Vulnerable products: Anaconda Clipper ver. 3.3 probably others, but not tested Product vendor: Anaconda / http://www.anaconda.net Comment...
anaconda clipper 3.3 - Directory Traversal
anaconda clipper 3.3 - Directory Traversal source: https://www.securityfocus.com/bid/2512/info Clipper is a headline-gathering tool from Anaconda! Partners which, in certain versions, is vulnerable to directory traversal attacks. By including '/../' sequences in requested URLs, an attacker can...
anaconda clipper 3.3 - Directory Traversal
source: https://www.securityfocus.com/bid/2512/info Clipper is a headline-gathering tool from Anaconda! Partners which, in certain versions, is vulnerable to directory traversal attacks. By including '/../' sequences in requested URLs, an attacker can cause the retrieval of arbitrary files,...