166 matches found

Prion
added 2013/03/01 5:40 a.m. | 13 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in dopvCOMET 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log...

CVSS 4.3 | AI score 6.1 | EPSS 0.01148
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2013/03/01 2:0 a.m. | 46 views

CVE-2013-0709

CVE-2013-0709 concerns a cross-site scripting (XSS) vulnerability in the dopvSTAR* 0091 product. The issue arises from how the HTTP Referer header is handled during display of the access log, allowing remote attackers to inject arbitrary web script or HTML. The connected JVN entries confirm the a...

CVSS 4.3 | AI score 5.9 | EPSS 0.01148
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2013/03/01 2:0 a.m. | 48 views

CVE-2013-0708

CVE-2013-0708 concerns a cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b, where an attacker can inject arbitrary scripts via the HTTP Referer header during display of the access log. The vulnerability could allow a user’s browser to execute injected code, as indicated by multiple sou...

CVSS 4.3 | AI score 5.9 | EPSS 0.01148
Exploits: 0 | References: 3 | Affected Software: 1
securityvulns
added 2013/01/10 12:0 a.m. | 83 views

Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart

Advisory ID: HTB23135 Product: Quick.Cms, Quick.Cart Vendor: OpenSolution team Vulnerable Versions: Quick.Cms 5.0, Quick.Cart 6.0 and probably prior Tested Version: Quick.Cms 5.0, Quick.Cart 6.0 Vendor Notification: December 19, 2012 Vendor Patch: December 20, 2012 Public Disclosure: January 9,...

CVSS 4.3 | AI score 6.1 | EPSS 0.0391
Exploits: 3
htbridge
added 2012/12/19 12:0 a.m. | 37 views

Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart

High-Tech Bridge Security Research Lab discovered XSS vulnerability in Quick.Cms and Quick.Cart - two products developed by OpenSolution team, which can be exploited to perform cross-site scripting attacks. 1. Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart: CVE-2012-6430 The...

CVSS 4.3 | AI score 5.4 | EPSS 0.0391
Exploits: 3 | Affected Software: 1
NVD
added 2012/07/31 10:45 a.m. | 16 views

CVE-2012-3848

Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to d4d/exporters.php, (2) the HTTP Referer header to d4d/exporters.php, or (3)...

CVSS 4.3 | AI score 5.7 | EPSS 0.02492
Exploits: 3 | References: 2
Prion
added 2012/07/31 10:45 a.m. | 19 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to d4d/exporters.php, (2) the HTTP Referer header to d4d/exporters.php, or (3)...

CVSS 4.3 | AI score 6.1 | EPSS 0.02492
Exploits: 3 | References: 2 | Affected Software: 1
NVD
added 2011/02/23 1:0 a.m. | 19 views

CVE-2011-1062

Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to printlist.php;...

CVSS 4.3 | AI score 5.8 | EPSS 0.01751
Exploits: 2 | References: 6
Prion
added 2010/04/21 2:30 p.m. | 18 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Pligg before 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to (1) admin/adminconfig.php, (2) admin/adminmodules.php, (3) delete.php, (4) editlink.php, (5) submit.php, (6) submitgroups.php, (7)...

CVSS 4.3 | AI score 6 | EPSS 0.01624
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2009/09/28 10:30 p.m. | 18 views

CVE-2009-3444

Cross-site scripting (XSS) vulnerability in email.php in e107 0.7.16 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header in a news.1 (aka news to email) action...

CVSS 4.3 | AI score 5.7 | EPSS 0.01734
Exploits: 1 | References: 6
CVE
added 2009/09/28 10:0 p.m. | 48 views

CVE-2009-3444

The CVE-2009-3444 entry concerns the e107 web platform (versions 0.7.16 and earlier) with a Cross-Site Scripting (XSS) vulnerability in email.php triggered via the HTTP Referer header in the news.1 (news to email) action. Affected component: e107 (email.php within news-to-email flow). Root cause:...

CVSS 4.3 | AI score 5.7 | EPSS 0.01734
Exploits: 1 | References: 6 | Affected Software: 1
Prion
added 2009/08/19 5:24 a.m. | 15 views

Code injection

modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gvfolderdata parameter, as demonstrated by modifying modules/tool/url2header.php...

CVSS 7.5 | AI score 8.1 | EPSS 0.05786
Exploits: 1 | References: 4 | Affected Software: 1
Cvelist
added 2009/08/18 10:0 a.m. | 24 views

CVE-2008-6983

modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gvfolderdata parameter, as demonstrated by modifying modules/tool/url2header.php...

AI score 7.6 | EPSS 0.05786
Exploits: 1 | References: 4
Prion
added 2009/06/01 2:30 p.m. | 12 views

SQL injection

SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...

CVSS 7.5 | AI score 9 | EPSS 0.00961
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2009/06/01 2:0 p.m. | 23 views

CVE-2009-1842

SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header...

AI score 8.3 | EPSS 0.00961
Exploits: 1 | References: 3
NVD
added 2008/08/01 2:41 p.m. | 7 views

CVE-2007-2952

Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attacke...

CVSS 9.3 | AI score 7.6 | EPSS 0.15493
Exploits: 3 | References: 12
Prion
added 2008/08/01 2:41 p.m. | 14 views

Stack overflow

Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attacke...

CVSS 9.3 | AI score 8.2 | EPSS 0.15493
Exploits: 3 | References: 12 | Affected Software: 2
Cvelist
added 2008/08/01 2:0 p.m. | 15 views

CVE-2007-2952

Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attacke...

AI score 7.6 | EPSS 0.15493
Exploits: 3 | References: 12
securityvulns
added 2008/06/09 12:0 a.m. | 62 views

Secunia Research: Akamai Red Swoosh Cross-Site Request Forgery

Secunia Research 06/06/2008 - Akamai Red Swoosh Cross-Site Request Forgery Vulnerabilities - Table of Contents Affected...

CVSS 7.1 | AI score 0.6 | EPSS 0.00773
Exploits: 1
Prion
added 2008/03/27 10:44 a.m. | 25 views

Cross site request forgery (CSRF)

Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely ...

CVSS 5 | AI score 6.9 | EPSS 0.02443
Exploits: 2 | References: 35 | Affected Software: 2