Path Traversal

pretalx is vulnerable to Path Traversal. The vulnerability exists in exportschedulehtml.py which allows an attacker to read arbitrary files by uploading crafted html documents...

CVE-2012-4142

Opera’s CVE-2012-4142 affects multiple platforms: Windows/UNIX builds before 12.01 and Mac OS X builds before 11.66 (and before 12.01 for 12.x lines). The flaw arises from Opera’s HTML parsing, which ignores some characters under unspecified circumstances, enabling remote XSS via crafted document...

CVE-2009-2841

The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...

PT-2009-4932 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1, 7, and 8 Description: The issue arises from improper argument validation for unspecified variables, allowing remote attackers to execute arbitrary code via a crafted HTML document. This...