12 matches found
EUVD-2018-0733
Malware in sbrugna...
EUVD-2005-0832
Malware in sbrugna...
CVE-2014-9772
The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via hex-encoded characters...
CVE-2014-9772
The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via hex-encoded characters...
CVE-2014-9772
Removed by vendor...
CVE-2005-1994
Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e"...
CVE-2005-1994
Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e"...
CVE-2005-0831
PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters...
CVE-2005-0831
The vulnerability CVE-2005-0831 affects PHP-Post and allows remote attackers to spoof other users’ names by registering with a username containing hex-encoded characters. The description is confirmed across multiple sources (NVD, Red Hat CVE entry, CVE List) and indicates weak input handling enab...
CVE-2005-0479
CVE-2005-0479 : The vulnerability affects TrackerCam (TrackerCam 5.12 and earlier). A directory traversal flaw exists in ComGetLogFile.php3 that allows remote attackers to read arbitrary files by supplying a manipulated fn parameter with .. sequences and variations such as / , ****, or hex-encode...
CVE-2001-0902
Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters...
CVE-2003-0228
Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters %5C that causes an executable to be placed in an arbitrary...