Cross site scripting

Cross-site scripting XSS vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets CSS comments, aka "CSS injection vulnerability."...

CVE-2011-0047

Cross-site scripting XSS vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets CSS comments, aka "CSS injection vulnerability."...

CVE-2011-0047

CVE-2011-0047 is a cross-site scripting (XSS) vulnerability in MediaWiki prior to 1.16.2, exploitable by remote attackers via crafted CSS comments to inject script/HTML. Affected component: MediaWiki core; root cause: improper handling of CSS comment content leading to HTML/JS injection; impact: ...

mediawiki -- multiple vulnerabilities

Medawiki reports: An arbitrary script inclusion vulnerability was discovered. The vulnerability only allows execution of files with names ending in ".php" which are already present in the local filesystem. Only servers running Microsoft Windows and possibly Novell Netware are affected. Despite...

CVE-2011-0681

The Cascading Style Sheets CSS Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL...

Design/Logic Flaw

The Cascading Style Sheets CSS Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL...

CVE-2011-0681

CVE-2011-0681 affects Opera before 11.01. The CSS Extensions for XML implementation recognizes javascript: URLs in the -o-link property, enabling bypass of CSS filtering. Opera 11.01 fixes this by upgrading. The connected documents confirm the specific mechanism and the fixed version; exploitatio...

CVE-2011-0681

The Cascading Style Sheets CSS Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL...

Google Chrome multiple vulnerabilities - Jan11 (Linux)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjan11lin.nasl 7052 2017-09-04 11:50:51Z teissa $ Google Chrome Multiple Vulnerabilities - Jan11 Linux Authors: Sooraj KS Copyright: Copyright c 2011 Greenbone Networks...

Opera < 11.01 Multiple Vulnerabilities

The version of Opera installed on the remote Windows host is earlier than 11.01. Such versions are potentially affected by the following issues : - The Cascading Style Sheets CSS Extensions for XML implementation recognizes links to javascript: URLs in the -o-link property, which could be abused ...

Google Chrome Multiple Vulnerabilities (Jan 2011) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

opera -- multiple vulnerabilities

Opera reports: Opera 11.01 is a recommended upgrade offering security and stability enhancements. The following security vulnerabilities have been fixed: Removed support for "javascript:" URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS. Fixed an issue where large...

webkit: CSS Font Face Parsing Type Confusion Vulnerability

The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets CSS token sequences, which allows remote attackers ...

MS KB2488013: Internet Explorer CSS Import Rule Processing Arbitrary Code Execution

The remote host is missing one of the workarounds referenced in KB 2488013. The remote version of IE reportedly fails to correctly process certain specially crafted Cascading Style Sheets CSS, which could result in arbitrary code execution on the remote system. C Tenable Network Security, Inc...

Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (MS10-090) (Metasploit)

$Id: ms10090iecssclip.rb 11610 2011-01-20 19:30:59Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

AWBS 2.9.2 (cart.php) Blind SQL Injection Vulnerability

Exploit for php platform in category web applications AWBS 2.9.2 Blind SQL Injection 0day ============================================================================================= Dork....: inurl:/cart?ca=addother&oid= Date....: 01-16-2011 Author..: ShivX Contact.: shivanxatgmaildotcom...

CVE-2011-0474

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a...

CVE-2011-0473

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that le...

CVE-2011-0474

Removed by vendor...

CVE-2011-0474

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a...