Improper Neutralization of Input During Web Page Generation in Spring Framework

Cross-site scripting XSS vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...

Backup infrastructure missing in SCOM views after upgrade to Veeam Backup & Replication 9.5 U4

Challenge After you upgrade to Veeam Backup & Replication 9.5 Update 4, MP for Veeam Backup & Replication monitoring views in SCOM no longer display backup infrastructure partially or completely. The following events can be found in the SCOM Windows event log on the affected Veeam Backup &...

Microsoft Windows Defender AV: Threat alert levels at which default action should not be taken (Medium)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavthreatseveritydefaultaction2.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Specify threat alert levels at which default action should not be taken when detected Medium Authors: Emanuel Moss Copyright: Copyright...

Microsoft Windows Defender AV: Threat alert levels at which default action should not be taken (Low)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winavthreatseveritydefaultaction1.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Specify threat alert levels at which default action should not be taken when detected Low Authors: Emanuel Moss Copyright: Copyright c...

CVE-2017-6632

A vulnerability in the logging configuration of Secure Sockets Layer SSL policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to high consumption of system resources. The vulnerability is du...

MS Internet Explorer 5.5 CLSID File Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2612/info The default operation performed to open a filetype is determining by referencing the filetype's CLSID. Due to a flaw in the interpretation of CLSIDs when appended to a filename, it is possible to specify a...

Framework: cross-site scripting flaw when using Spring MVC

Cross-site scripting XSS vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...

Framework: cross-site scripting flaw when using Spring MVC

Cross-site scripting XSS vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...

CVE-2014-1904

Cross-site scripting XSS vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...

Cross site scripting

Cross-site scripting XSS vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...

CVE-2014-1904

Cross-site scripting XSS vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...

CVE-2013-7183

cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote attackers to 1 cause a denial of service reboot via a defaultreboot action or 2 reset all configuration values via a factorydefault action...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via 1 the email parameter to index.php; or the command parameter to index.php in 2 the default action for the home page, 3 a currencies action, or 4 a basket action...

CVE-2007-5725

Multiple cross-site scripting XSS vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via 1 the email parameter to index.php; or the command parameter to index.php in 2 the default action for the home page, 3 a currencies action, or 4 a basket action...