152 matches found
CVE-2014-1539
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image...
CVE-2014-1539
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image...
Cross site scripting
Cross-site scripting XSS vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to 1 b or 2 div tags...
[CAL-2012-0026] Microsfot IE Same ID Property Remote Code Execution Vulnerability
CAL-2012-0026 Microsfot IE Same ID Property Remote Code Execution Vulnerability CVE ID: CVE-2012-1875 http://technet.microsoft.com/en-us/security/bulletin/ms12-037 http://blog.vulnhunt.com/index.php/2012/06/13/cal-2012-0026-microsfot-ie-same-id-property-remote-code-execution-vulnerability/ 1...
Century wind enterprise website management system vulnerability-vulnerability warning-the black bar safety net
by Mr. DzY Century wind enterprise website management system of SME-oriented Web Site Management System,page fine,atmosphere. Having a stable set of strong,multi-function,Safety,code loading speed,web site content management, easy operation and other advantages. The use of div+css architecture,is...
Century wind enterprise website management system plug horse vulnerabilities and fixes-vulnerability warning-the black bar safety net
From www.0855.tv by Mr. DzY Century wind enterprise website management system of SME-oriented Web Site Management System,page fine,atmosphere. Having a stable set of strong,multi-function,Safety,code loading speed,web site content management, easy operation and other advantages. The use of div+cs...
Image Perspective Design SQL Injection
x Exploit Title: Image Perspective Design SQL Ýnjection Vulnerability x Date: 31/08/2011 x Author: 3spi0n x HomePage: Http://Www.3spi0n.NET / Facebook.Com/3spi0ne x E-Mail: 3spi0natgmaildotcom | Http://Twitter.Com/RigidusCO x Software Link: http://www.imageperspective.com/ x Category: WebApps x...
OpenBSD/x86 sys_execve ('/bin/sh -c "reboot"') - 178 bytes (encoded)
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...
Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...
Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...
Design/Logic Flaw
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service Safari, Mail, or Springboard crash via a crafted innerHTML property of a DIV element, related to a "malformed character" issue...
CVE-2010-1226
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service Safari, Mail, or Springboard crash via a crafted innerHTML property of a DIV element, related to a "malformed character" issue...
CVE-2009-2764
Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 platform allows remote attackers to cause a denial of service application crash via a certain DIV element in conjunction with SCRIPT elements that have empty contents and no reference to a valid external script location...
CVE-2008-5282
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via 1 a link with a long HREF attribute, and 2 a DIV tag with a long id attribute...
CVE-2008-5282
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via 1 a link with a long HREF attribute, and 2 a DIV tag with a long id attribute...
Amaya browser multiplesecurity vulnerabilities
Buffer overflow on oversized href in a tag, buffer overflow on oversized id in div tag...
Cross site scripting
Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...
CVE-2008-1873
CVE-2008-1873 is a cross-site scripting (XSS) vulnerability in Nuke ET’s private message feature affecting Nuke ET 3.2 and 3.4. The flaw allows remote authenticated users to inject arbitrary script/HTML via a CSS property in the STYLE attribute of a DIV element within the mensaje parameter, with ...
CVE-2008-1873
Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...