Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2010/08/23 12:0 a.m.27 views

Debian DSA-2092-1 : lxr-cvs - missing input sanitizing

Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

4.3CVSS5.1AI score0.03221EPSS
Exploits0References8
securityvulns
securityvulns
added 2010/08/21 12:0 a.m.58 views

[SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2092-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Aug 17th, 2010 http://www.debian.org/security/faq -...

4.3CVSS5.4AI score0.03221EPSS
Exploits0
Debian
Debian
added 2010/08/17 8:30 p.m.35 views

[SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting

------------------------------------------------------------------------ Debian Security Advisory DSA-2092-1 [email protected] http://www.debian.org/security/ Sébastien Delafond Aug 17th, 2010 http://www.debian.org/security/faq -...

4.3CVSS5.6AI score0.03221EPSS
Exploits0
NVD
NVD
added 2010/06/24 12:30 p.m.21 views

CVE-2010-1448

Cross-site scripting XSS vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625...

4.3CVSS5.4AI score0.02515EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2010/06/24 12:30 p.m.23 views

CVE-2010-1448

Cross-site scripting XSS vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625...

4.3CVSS6AI score0.02515EPSS
Exploits0References1
Cvelist
Cvelist
added 2010/06/23 6:0 p.m.32 views

CVE-2010-1448

Cross-site scripting XSS vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 allows remote attackers to inject arbitrary web script or HTML via vectors related to a string in the search page's TITLE element, a different vulnerability than CVE-2009-4497 and CVE-2010-1625...

5.3AI score0.02515EPSS
Exploits0References14
CVE
CVE
added 2010/06/23 6:0 p.m.52 views

CVE-2010-1448

CVE-2010-1448 is a cross-site scripting (XSS) vulnerability in the LXR Cross Referencer. The flaw resides in the file lib/LXR/Common.pm and affects versions prior to 0.9.8 . An attacker can inject arbitrary web script/HTML by exploiting a string in the search page’s TITLE element. This entry is r...

4.3CVSS5.5AI score0.02515EPSS
Exploits0References14Affected Software1
Prion
Prion
added 2010/05/06 6:30 p.m.17 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1448. Reason: This candidate is a duplicate of CVE-2010-1448. Notes: All CVE users should reference CVE-2010-1448 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.6AI score0.02515EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2010/05/06 6:30 p.m.5 views

CVE-2010-1738

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1448. Reason: This candidate is a duplicate of CVE-2010-1448. Notes: All CVE users should reference CVE-2010-1448 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

5.9AI score
Exploits0References1
Rows per page
Query Builder