GHSA-2V35-W6HQ-6MFW xmldom: Uncontrolled recursion in XML serialization leads to DoS

Summary Seven recursive traversals in lib/dom.js operate without a depth limit. A sufficiently deeply nested DOM tree causes a RangeError: Maximum call stack size exceeded, crashing the application. Reported operations: - Node.prototype.normalize — reported by @praveen-kv email 2026-04-05 and...

Ecmall 2.3.0 /app/my_goods.app.php SQL注射漏洞

简要描述： 不修复那我就一个一个的提出来 详细说明： 缺陷文件：/app/mygoods.app.phpcode 区域function brandlist if !empty$GET'brandname' || !empty$GET'store' $GET'brandname' && $filtered = " AND brandname LIKE '%$GET'brandname'%'"; $GET'store' && $filtered = $filtered . " AND storeid = " . $this-storeid; if isset$GET'sort' &&...

Internet Explorer Style getElementsByTagName Memory Corruption

No description provided by source. $Id: ms09072styleobject.rb 9787 2010-07-12 02:51:50Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (MS09-072) (Metasploit)

$Id: ms09072styleobject.rb 9787 2010-07-12 02:51:50Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2009-1918

Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allo...

Memory corruption

Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allo...

Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when repeated calls are made to...