7 matches found
EUVD-2018-13321
Malware in sbrugna...
SUSE CVE-2010-0168
The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service...
Design/Logic Flaw
S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file...
Design/Logic Flaw
DISPUTED jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry...
CVE-2018-18405
jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry...
CVE-2018-19057
SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG element, or via certain input with and characters, which is mishandled during construction of an A element...
Cross site scripting
Cross-site scripting XSS vulnerability in Alt-N MDaemon WorldClient 10.0.2, when Internet Explorer 7 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted img tag...