
1933 matches found

Tenable Nessus
added 2010/11/04 12:00 a.m. | 26 views

FreeBSD : Mailman -- XSS in web interface (4ab29e12-e787-11df-adfa-00e0815b8da8)

Secunia reports: Two vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed via the list descriptions is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrar...

3.5 CVSS | 6.4 AI score | 0.01973 EPSS
Exploits: 0 | References: 2

Saint
added 2010/11/04 12:00 a.m. | 77 views

Mozilla Firefox document.write and DOM insertion memory corruption

Added: 11/04/2010 | CVE: CVE-2010-3765 | BID: 44425 | OSVDB: 68905. Background: Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem: A memory corruption vulnerability allows command execution when a user loads a specially crafted web page containi...

9.3 CVSS | 9.8 AI score | 0.83279 EPSS
Exploits: 14

Saint
added 2010/11/04 12:00 a.m. | 32 views

Mozilla Firefox document.write and DOM insertion memory corruption

Added: 11/04/2010 | CVE: CVE-2010-3765 | BID: 44425 | OSVDB: 68905. Background: Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem: A memory corruption vulnerability allows command execution when a user loads a specially crafted web page containi...

9.3 CVSS | 9.8 AI score | 0.83279 EPSS
Exploits: 14

htbridge
added 2010/11/02 12:00 a.m. | 215 views

Multiple Vulnerabilities in CLANSPHERE

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CLANSPHERE which could be exploited to perform cross-site scripting, script insertion and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in CLANSPHERE The vulnerability exists due to input...

7.5 CVSS | 7.8 AI score
Exploits: 0 | Affected Software: 1

securityvulns
added 2010/11/01 12:00 a.m. | 44 views

Mozilla Firefox / Thunderbird / Seamonkey buffer overflow

Buffer overflow on document.write and DOM insertion is used in the wild for hidden malware installation...

9.3 CVSS | 3.1 AI score | 0.83279 EPSS
Exploits: 14 | References: 1 | Affected Software: 3

securityvulns
added 2010/11/01 12:00 a.m. | 76 views

Mozilla Foundation Security Advisory 2010-73

Mozilla Foundation Security Advisory 2010-73 | Title: Heap buffer overflow mixing document.write and DOM insertion | Impact: Critical | Announced: October 27, 2010 | Reporter: Morten Kråkvik | Products: Firefox, Thunderbird, SeaMonkey | Fixed in: Firefox 3.6.12 Firefox 3.5.15 Thunderbird 3.1.6 Thunderbird...

9.3 CVSS | 9.4 AI score | 0.83279 EPSS
Exploits: 14

FreeBSD
added 2010/10/27 12:00 a.m. | 40 views

mozilla -- Heap buffer overflow mixing document.write and DOM insertion

The Mozilla Project reports: MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion...

9.8 CVSS | 9.9 AI score | 0.83279 EPSS
Exploits: 14 | References: 1

htbridge
added 2010/10/21 12:00 a.m. | 24 views

Multiple Vulnerabilities in eoCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eoCMS which could be exploited to perform script insertion and SQL injection attacks, gain access to sensitive information and compromise vulnerable system. 1 Script insertion vulnerability in eoCMS An input...

7.6 CVSS | 8.3 AI score
Exploits: 0 | Affected Software: 1

htbridge
added 2010/10/21 12:00 a.m. | 23 views

Multiple Vulnerabilities in MiniBB

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in MiniBB which could be exploited to perform script insertion and SQL injection attacks. 1 Script insertion vulnerability in MiniBB Input passed to the "url" BBCode tag is not properly sanitized. A remote attacker...

7.5 CVSS | 8.6 AI score
Exploits: 0 | Affected Software: 1

htbridge
added 2010/10/21 12:00 a.m. | 56 views

Script Insertion Vulnerability in Textpattern CMS

High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Textpattern CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerability in Textpattern CMS An input sanitation error exists in the comment field. A remote attacker can insert arbitrary...

6.8 AI score
Exploits: 0 | Affected Software: 1

xssed
added 2010/10/15 12:00 a.m. | 13 views

Unfixed Script Insertion vulnerability at www.studio92.com

Security researcher sh3n has submitted on 15/10/2010 a Script Insertion vulnerability affecting www.studio92.com, which at the time of submission ranked 73031 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently unfixed...

Exploits: 0 | References: 1

RedHat Linux
added 2010/10/13 4:22 p.m. | 2 views

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cis...

9.8 CVSS | 6.9 AI score | 0.87264 EPSS
Exploits: 14 | References: 4

Packet Storm
added 2010/10/11 12:00 a.m. | 18 views

BaconMap 1.0 SQL Injection

Software: BaconMap 1.0 | Vulnerability: SQL Injection | Download: http://baconmap.nmsu.edu/ | Release Date: 10/10/2010 | Tested On: Windows Vista + XAMPP...

7.4 AI score
Exploits: 0

exploitpack
added 2010/10/11 12:00 a.m. | 14 views

BaconMap 1.0 - SQL Injection

BaconMap 1.0 - SQL Injection | Software: BaconMap 1.0 | Vulnerability: SQL Injection | Download: http://baconmap.nmsu.edu/ | Release Date: 10/10/2010 | Tested On: Windows Vis...

8.7 AI score
Exploits: 0

Exploit DB
added 2010/10/11 12:00 a.m. | 28 views

BaconMap 1.0 - SQL Injection

Software: BaconMap 1.0 | Vulnerability: SQL Injection | Download: http://baconmap.nmsu.edu/ | Release Date: 10/10/2010 | Tested On: Windows Vista + XAMPP...

7.4 AI score
Exploits: 0

FreeBSD
added 2010/09/14 12:00 a.m. | 31 views

Mailman -- cross-site scripting in web interface

Secunia reports: Two vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed via the list descriptions is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary...

3.5 CVSS | 6.1 AI score | 0.01973 EPSS
Exploits: 0 | References: 1

0day.today
added 2010/09/02 12:00 a.m. | 30 views

Parallels Plesk Sitebuilder Persistent Xss Vulnerability

Exploit for php platform in category web applications. Parallels Plesk Sitebuilder Persistent Xss Vulnerability...

7.1 AI score
Exploits: 0

Packet Storm
added 2010/08/21 12:00 a.m. | 23 views

Flock Browser 3.0.0.3989 Malformed Bookmark Cross Site Scripting

Flock Browser 3.0.0.3989 Malformed Bookmark XSS | Vendor URL: http://beta.flock.com/ | Advisory: http://lostmon.blogspot.com/2010/08/flock-browser-3003989-malformed.html | Vendor notified: NO | Exploits available: YES | Flock is faster, simpler, and more friendly. Literally. It's the only sleek, modern web...

7.4 AI score
Exploits: 0

htbridge
added 2010/08/18 12:00 a.m. | 20 views

Script Insertion Vulnerabilities in ArtGK CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ArtGK CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerabilities in ArtGK CMS 1.1 Input passed to the "content" parameter in cms/classes/CForm.php is not properly sanitiz...

7 AI score
Exploits: 0 | Affected Software: 1

securityvulns
added 2010/08/08 12:00 a.m. | 65 views

Secunia Research: MantisBT "Add Category" Script Insertion Vulnerability

Secunia Research 05/08/2010 - MantisBT "Add Category" Script Insertion Vulnerability - Table of Contents Affected...

2.1 CVSS | 0.6 AI score | 0.01804 EPSS
Exploits: 0