XSS vulnerability in SiteLoom CMS

Vulnerability ID: HTB22516 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsiteloomcms.html Product: SiteLoom CMS Vendor: SiteLoom ApS http://www.siteloom.dk/ Vulnerable Version: Current at 21.07.2010 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: X...

XSS vulnerability in DT Centrepiece

Vulnerability ID: HTB22519 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityindtcentrepiece.html Product: DT Centrepiece Vendor: DT Services http://www.dt.net.nz/ Vulnerable Version: 4.5 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: XSS Cross Site...

Amethyst 0.1.5 - Cross-Site Scripting

Vulnerability ID: HTB22502 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamethyst2.html Product: Amethyst Vendor: Hulihan Applications http://hulihanapplications.com/projects/amethyst Vulnerable Version: 0.1.5 and Probably Prior Versions Vendor Notification: 22 July 2010...

Amethyst 0.1.5 - Cross-Site Scripting

Amethyst 0.1.5 - Cross-Site Scripting Vulnerability ID: HTB22502 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamethyst2.html Product: Amethyst Vendor: Hulihan Applications http://hulihanapplications.com/projects/amethyst Vulnerable Version: 0.1.5 and Probably Prior Versions Vendor...

CVE-2010-1215

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper aka SJOW wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object...

CVE-2010-1796

The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...

Internet Explorer Script Engine Stack Exhaustion (CVE-2006-0753)

A stack exhaustion vulnerability exists in the Microsoft Internet Explorer Script Engine. The flaw is caused by certain types of recursive function calls in Javascript code. An attacker can exploit this vulnerability to cause a denial of service condition of the vulnerable application. In an atta...

CVE-2010-1215

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper aka SJOW wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object...

PHPFaber CMS 2.0.5 Cross Site Scripting

Author: prodigy Date found: 4/07/2010 Software: PHPFaber Content Management System Vendor: www.phpfaber.com version: 2.0.5 Vulnerability founded: Multiple XSS Vulnerabilities Risk: Medium Impact: Malicious attackers can run javascript code into the page to perform phising attacks and cookie...

CuteSITE CMS 1.5.0 Cross Site Scripting

Vulnerability ID: HTB22397 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincutesitecms.html Product: CuteSITE CMS Vendor: AMT Company Vulnerable Version: 1.5.0 and Probably Prior Versions Vendor Notification: 20 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...

Mozilla Firefox 'IFRAME' Denial Of Service vulnerability (Windows)

The host is installed with Mozilla Firefox browser and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmozillafirefoxiframedosvulnwin.nasl 5323 2017-02-17 08:49:23Z teissa $ Mozilla Firefox 'IFRAME' Denial Of Service vulnerability Windows Authors: Antu Sanadi...

Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability (Jun 2010)

Internet Explorer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-2119

The CVE-2010-2119 entry concerns Microsoft Internet Explorer 6.0.2900.2180, where JavaScript code that loops infinitely to create IFRAME elements for invalid nntp:// URIs can cause a denial of service through resource consumption. Connected sources corroborate a DoS condition in IE triggered by i...

360 Web Manager 3.0 Cross Site Scripting

Vulnerability ID: HTB22377 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityin360webmanager.html Product: 360 Web Manager Vendor: 360 Web Manager Vulnerable Version: 3.0 Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted,...

Google Chrome 'IFRAME' Denial Of Service Vulnerability

This host is installed with Google Chrome and is prone to Denial Of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromeiframedosvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome 'IFRAME' Denial Of Service Vulnerability Authors: Antu Sanadi Updated By: Madhuri D on...

RazorCMS 1.0 - adminindex.php HTML Injection

RazorCMS 1.0 - adminindex.php HTML Injection source: https://www.securityfocus.com/bid/40373/info razorCMS is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected...

RazorCMS 1.0 - '/admin/index.php' HTML Injection

source: https://www.securityfocus.com/bid/40373/info razorCMS is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to ste...

Design/Logic Flaw

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service memory consumption and application crash via JavaScript code that creates multiple arrays containing elements with long string values, and then appends long strings to the content of a P element, related ...

CVE-2010-1988

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than...

VMware Portal 3.1 Cross Site Scripting

DSECRG-09-058 Vmware View - XSS vulnerability Linked XSS in VMware Portal Digital Security Research Group DSecRG Advisory DSECRG-09-058 Application: VMware View Portal Versions Affected: alert/XSS/.source Solution Update VmWare View to version 3.1.3 References...