EUVD-2025-209069

HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability where an attacker using external scripts can tamper with the DOM, altering the content or behavior of the application. Malicious scripts can steal cookies or session tokens, leading to session hijacking...

EUVD-2011-0712

Malware in sbrugna...

EUVD-2004-0903

Malware in sbrugna...

EUVD-2009-4071

Malware in sbrugna...

EUVD-2009-4072

Malware in sbrugna...

EUVD-2009-0912

Malware in sbrugna...

EUVD-2007-6486

Malware in sbrugna...

EUVD-2009-2792

Malware in sbrugna...

EUVD-2007-6488

Malware in sbrugna...

ntkproject.com Cross Site Scripting vulnerability OBB-3837940

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-2007-6520

Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins...

SUSE CVE-2007-6522

The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains...

SUSE CVE-2009-0915

Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins...

SUSE CVE-2019-11711

When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did...

Amazon Alexa Bugs Could've Let Hackers Install Malicious Skills Remotely

Attention! If you use Amazon's voice assistant Alexa in you smart speakers, just opening an innocent-looking web-link could let attackers install hacking skills on it and spy on your activities remotely. Check Point cybersecurity researchers—Dikla Barda, Roman Zaikin and Yaara Shriki—today...

CVE-2009-2802

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks...

Cross site scripting

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks...

CVE-2009-2802

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks...

CVE-2009-2802

Affected product: MantisBT 1.2.x prior to 1.2.2. Vulnerability arises from insecure handling of attachments and MIME types, allowing arbitrary inline attachment rendering that could enable cross-domain scripting or other browser attacks. Root cause: improper attachment/MIME processing in the lega...

CVE-2009-2802

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks...