6 matches found
CVE-2008-1468
Cross-site scripting XSS vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are...
CVE-2004-1318
Cross-site scripting XSS vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab "%09" character, which prevents the rest of the query from being properly sanitized...
CVE-2004-1318
Cross-site scripting XSS vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab "%09" character, which prevents the rest of the query from being properly sanitized...
CVE-2004-1318
CVE-2004-1318 is an XSS vulnerability in Namazu’s namazu.cgi affecting Namazu versions up to 2.0.13. A crafted query beginning with a tab character (%09) prevents proper sanitization, allowing remote attackers to inject arbitrary HTML/JavaScript. The vulnerability appears in the query handling pa...
CVE-2004-1318
Cross-site scripting XSS vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab "%09" character, which prevents the rest of the query from being properly sanitized...
Debian DSA-627-1 : namazu2 - unsanitised input
A cross-site scripting vulnerability has been discovered in namazu2, a full text search engine. An attacker could prepare specially crafted input that would not be sanitised by namazu2 and hence displayed verbatim for the victim. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...