8101 matches found
Standard HTML form implementation allows access to IMAP, SMTP, NNTP, POP3, and other services via crafted HTML page
Overview An intruder can send certain kinds of data to services that he is not ordinarily able to reach. By crafting the data such that it is redirected through any program the victim uses to render the malicious HTML, the intruder is able send that data to any services that the victim can send...
Атака через web-формы (HTML Form Protocol Attack)
Содержимое формы может быть передано в любой порт эмулируя работу какого-либо протокола...
SERIOUS BUG IN PHPNUKE
Yes, phpnuke.org, was contacted.... First take a look at: http://phpnuke.org/user.php?op=userinfo&uname=MegaHz Then, read this................. PHPnuke Bugs. After testing just a few scripts on phpnuke I have noticed the following: Some fields in the registration form allow code and fail to filte...
Дырка в Lotus Notes (stored foms)
Внутрь письма можно вставить исполняемый код во внутреннем формате...
Lotus Notes Stored Form Vulnerability
Security Advisory: Lotus Notes Stored Form Vulnerability Date: 8th February 2001 Author: Chris Jones aka dp [email protected] Versions Affected: At present only Lotus Notes v4.6 has been tested ---- Exploit Introduction ------------------------------------------ Due to the design flaws of Lotus Not...
CVE-1999-1287
Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface...
cuartangojc-clipboard-msie.txt
Date: Thu, 21 Jan 1999 15:59:15 +0100 From: Juan Carlos Garcia Cuartango To: [email protected] Subject: New IE4 privacy issue Greetings, There is a new IE 4 issue affecting privacy. The clipboard content can be made public by a javascript code two lines long. I reported the problem...
Microsoft Internet Explorer 4 - Clipboard Paste
Microsoft Internet Explorer 4 - Clipboard Paste source: https://www.securityfocus.com/bid/215/info The Windows clipboard contains data that has been cut or copied from various windows applications. This data can be accessed and posted to malicious web forms at web sites without the knowledge of t...
Microsoft Internet Explorer 4 - Clipboard Paste
source: https://www.securityfocus.com/bid/215/info The Windows clipboard contains data that has been cut or copied from various windows applications. This data can be accessed and posted to malicious web forms at web sites without the knowledge of the visiting end-user. Normally, Microsoft securi...
CVE-1999-0384
The Forms 2.0 ActiveX control included with Visual Basic for Applications 5.0 can be used to read text from a user's clipboard when the user accesses documents with ActiveX content...
CVE-2026-48736: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient
More info at https://symfony.com/cve-2026-48736...
Insert tag injection in front end forms
More info at https://contao.org/en/security-advisories/insert-tag-injection-in-forms.html...
Security Update for ISA Server 2006 RTM (KB 970811)
When publishing a Web server using forms-based authentication with Radius one-time password OTP as the credentials authority and Kerberos constrained delegation, it may be possible to bypass the form authentication and log on using invalid credentials...
Security Update for ISA Server 2006 Supportability Pack (KB 968078)
This update resolves the issues described in Knowledge Base article 968078 ISA Server 2006: • ISA Server 2006 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets. • ISA Server 2006 forms-based authentication may allow a browser to be...
Security update 1970-01-01
...
Security update 1970-01-01
...
Security Update for Microsoft Office Forms Server 2007 (KB2553005), 64-bit Edition
A security vulnerability exists in Microsoft Microsoft Office Forms Server 2007, 64-bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...
Security Update for ISA Server 2006 Service Pack 1 (KB 971143)
When publishing a Web server using forms-based authentication with Radius one-time password OTP as the credentials authority and Kerberos constrained delegation, it may be possible to bypass the form authentication and log on using invalid credentials...
Security Update for ISA Server 2006 SP1 (KB 968078)
This update resolves the issues described in Knowledge Base article 968078 ISA Server 2006: • ISA Server 2006 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets. • ISA Server 2006 forms-based authentication may allow a browser to be...
CVE-2026-48736: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient
More info at https://symfony.com/cve-2026-48736...