CVE-2014-4958

Cross-site scripting XSS vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or HTML via CSS expressions in style attributes...

Microsoft Internet Explorer CSS Transition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. By setting a "background" style...

Microsoft Internet Explorer CGeneratedTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

A Forms 1.4.0 - a-forms.php aform_css_file_selector() Function css_file_selection Parameter XSS

The A Forms WordPress plugin was affected by an a-forms.php aformcssfileselector Function cssfileselection Parameter XSS security vulnerability...

CSS Plus 1.3.1 - Unspecified Vulnerabilities

The CSS Plus WordPress plugin was affected by an Unspecified Vulnerabilities security vulnerability...

VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014)

VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption Pwn2Own 2014 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the...

(Pwn2Own) Microsoft Internet Explorer CSS Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Mozilla Thunderbird 1.5 - Multiple Remote Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16881/info Mozilla Thunderbird is susceptible to multiple remote information-disclosure vulnerabilities. These issues are due to the application's failure to properly enforce the restriction for downloading remote content...

DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)

No description provided by source. DynPG CMS v4.1.0 Multiple Vulnerability fucking the Web Apps attack edition /\ \ /\ \ /\ /\ \ \ \ \L\ \ \ /'\ /\ \ \ ,\ \ \ \ \ /\ /\ \ /'\ \ , /\ \ /' \ /' \ \ \ /\ \ \ /'\ \ \ /\ \ \ /\ /\ \ \\ \ /\ /\ /\ \L\ \ \ \ \ \ \ \ /\ / \ \ \ /\ \...

Lycos HTMLGear guestGear CSS HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5728/info Lycos htmlGEAR guestGEAR does not sanitize HTML from CSS Cascading Style-Sheets elements in guestbook fields. An attacker could capitalize on this situation to include arbitrary HTML and script code in a guestbo...

webid 0.5.4 - Multiple Vulnerabilities

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . ================================ ========================== ==================== |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ ...

Internet Explorer 8 CSS 'expression' Property Cross Site Scripting Filter Bypass Weakness

No description provided by source. source: http://www.securityfocus.com/bid/32780/info Microsoft Internet Explorer is a web browser for the Microsoft Windows operating system. Internet Explorer 8 includes a cross-site-scripting filter that is designed to prevent cross-site-scripting attacks again...

Opera Web Browser 9 CSS Background URI Memory Corruption Vulnerability

source: http://www.securityfocus.com/bid/19166/info Opera Web Browser is prone to a memory-corruption vulnerability. A remote attacker may trigger this issue by enticing a user to visit a malicious website. This issue has been reported in Opera 9. Other versions may be vulnerable as well. This BI...

Microsoft Internet Explorer 5.0.1 CSS Style Sheet Memory Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10382/info A vulnerability identified in Internet Explorer may allow an attacker to cause the application to crash. The issue presents itself when the browser attempts to process an HTML page containing a table and loads ...

Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Gravity Board X v1.1 possibly prior versions remote code execution exploit coded by 1dt.w0lf 14.08.2005 RST/GHC http://rst.void.ru http://ghc.ru use LWP::UserAgent; if@ARGV1 exit0; $path = $ARGV0; header; print Creating shell... Please wait\n; $gr...

MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service

No description provided by source. !-- Internet Explorer = 6.0.2900 SP2 suffers from a DoS vulnerability in which a remote users Internet Explorer session can be crashed when hovering their cursor over a specially made table. The fault occurs when the position CSS attribute is set to a table. Thi...

LiveJournal 1.1 CSS HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9727/info LiveJournal is reportedly prone to HTML injection via Cascading Style Sheet CSS tags. It is possible to inject hostile HTML and script code into journal entries through this vulnerability. This could potentially...

Mozilla Firefox CSS - font-face Remote Code Execution Vulnerability

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moabu-15-mozilla-firefox-css-font-face-remote-code-execution-vulnerability/...

asp talk (sql/css) Multiple Vulnerabilities

No description provided by source. 000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0 0 0 0 0 0 0 0 0 000 0 0 0 ...

Gravity Board X 1.1 CSS Template Unauthorized Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14502/info Gravity Board X GBX is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions. An...