20 matches found
QtWebEngine: Multiple Vulnerabilities
Background QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications. Description Multiple vulnerabilities have been discovered in QtWebEngine. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
QtWebEngine: Multiple Vulnerabilities
Background QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications. Description Multiple vulnerabilities have been discovered in QtWebEngine. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
Qt WebEngine: Multiple vulnerabilities
Background Library for rendering dynamic web content in Qt5 C++ and QML applications. Description Multiple vulnerabilities have been discovered in Qt WebEngine. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
Adam Webb NukeJokes 1.7/2.0 Module modules.php jokeid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10306/info It has been reported that the NukeJokes module is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input...
XAMPP Phonebook.PHP Multiple Remote HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13127/info XAMPP is prone to multiple remote HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before including it in dynamically generated web content. An attacker may...
SquirrelMail 1.4.x Folder Name Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10246/info It has been reported that SquirrelMail is affected by a cross-site scripting vulnerability in the handling of folder name displays. This issue is due to a failure of the application to properly sanitize...
Moodle Help Script 1.x Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10718/info It is reported that Moodle is susceptible to a cross-site scripting vulnerability in the 'help.php' script. This issue is due to a failure of the application to properly sanitize user-supplied input prior to...
Claroline 1.5/1.6 userInfo.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry...
Internet Explorer COL SPAN Heap Overflow
Added: 08/06/2012 CVE: CVE-2012-1876 BID: 53848 OSVDB: 82866 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer allows websites to utilize Javascript to create dynamic web content. As such, websites can include...
Internet Explorer COL SPAN Heap Overflow
Added: 08/06/2012 CVE: CVE-2012-1876 BID: 53848 OSVDB: 82866 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer allows websites to utilize Javascript to create dynamic web content. As such, websites can include...
DynPG CMS v4.1.0 Multiple Vulnerabilities
Exploit for php platform in category web applications. DynPG CMS v4.1.0 Multiple Vulnerabilities +Title : DynPG CMS Multiple Remote File Inclusion Vulnerability +Version: 4.1.0 Other or lower versions may also be...
X-BLC 0.2.0 - get_read.php?section SQL Injection
X-BLC 0.2.0 - get_read.php?section SQL Injection #!/usr/bin/perl -w Discovered by dun \ dunatstrcpy.pl xblc = 0.2.0 SQL Injection Vulnerability Script: "X-BLC is a...
Sun Secure Global Desktop / Tarantella < 4.20.983 Multiple XSS
Sun Secure Global Desktop or Tarantella, a Java-based program for web-enabling applications running on a variety of platforms, is installed on the remote web server. According to the version reported in one of its scripts, the installation of the software on the remote host fails to sanitize...
Update Protection against Geeklog Remote Code Execution Vulnerability
Geeklog is a PHP/MySQL based application for managing dynamic web content. Geeklog CMS fails to validate multiple file extensions, potentially allowing a remote attacker to upload malicious script code, which will be executed in the context of the webserver process...
mvnForum activatemember Multiple Parameter XSS
The remote host is running mvnForum, an open source, forum application based on Java J2EE. The version of mvnForum installed on the remote host fails to sanitize user-supplied input to the 'activatecode' and 'member' parameters of the 'activatemember' script before using it to generate dynamic we...
XOOPS 2.0.11 && Earlier Multiple Vulnerabilities
GulfTech Security Research June 28th, 2005 Vendor : XOOPS URL : http://www.xoops.org/ Version : XOOPS 2.0.11 And Earlier Risk : Multiple Vulnerabilities Description: XOOPS is a very popular dynamic web content management system written in Object Oriented PHP. One of the features of XOOPS is its...
Claroline E-Learning 1.51.6 - userInfo.php Multiple SQL Injections
Claroline E-Learning 1.51.6 - userInfo.php Multiple SQL Injections source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied...
BEA WebLogic Server 8.1 WebLogic Express Administration Console - Cross-Site Scripting
BEA WebLogic Server 8.1 WebLogic Express Administration Console - Cross-Site Scripting source: https://www.securityfocus.com/bid/13400/info A remote cross-site scripting vulnerability affects BEA WebLogic Server and WebLogic Express administration console. This issue is due to a failure of the...
SquirrelMail 1.4.x - Folder Name Cross-Site Scripting
SquirrelMail 1.4.x - Folder Name Cross-Site Scripting source: https://www.securityfocus.com/bid/10246/info It has been reported that SquirrelMail is affected by a cross-site scripting vulnerability in the handling of folder name displays. This issue is due to a failure of the application to...
SquirrelMail 1.4.x - Folder Name Cross-Site Scripting
source: https://www.securityfocus.com/bid/10246/info It has been reported that SquirrelMail is affected by a cross-site scripting vulnerability in the handling of folder name displays. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it...