NPDS REvolution Cross Site Scripting

Vulnerability ID: HTB22363 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinnpds.html Product: NPDS REvolution Vendor: NPDS Vulnerable Version: REvolution 10.02 and Probably Prior Versions Vendor Notification: 29 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixe...

Microsoft SharePoint Server 2007 - Cross-Site Scripting

Microsoft SharePoint Server 2007 - Cross-Site Scripting Vulnerability ID: HTB22350 Reference: http://www.htbridge.ch/advisory/xssinmicrosoftsharepointserver2007.html http://www.microsoft.com/technet/security/advisory/983438.mspx Product: Microsoft SharePoint Server 2007 Vendor: Microsoft...

Ubuntu Update for moin vulnerabilities USN-925-1

Ubuntu Update for Linux kernel vulnerabilities USN-925-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9251.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for moin vulnerabilities USN-925-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Microsoft Internet Explorer Denial of Service Vulnerability - Mar10

This host is installed with Internet Explorer and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: secpodmsiedosvulnmar10.nasl 5394 2017-02-22 09:22:42Z teissa $ Microsoft Internet Explorer Denial of Service Vulnerability - Mar10 Authors: Antu Sanadi Copyright: Copyrig...

Microsoft Internet Explorer Denial of Service Vulnerability (Mar 2010)

Internet Explorer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-1127

Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted JavaScript code, as demonstrated by setting the 1...

CVE-2010-1127

CVE-2010-1127 affects Microsoft Internet Explorer 6 and 7. The vulnerability arises when executing the createElement method, where certain data structures are not initialized, enabling a remote attacker to cause a denial of service via crafted JavaScript. Specifically, setting the (1) outerHTML o...

CVE-2010-0011

The evaljs function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code...

CVE-2010-0011

The evaljs function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code...

Code injection

The evaljs function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code...

CVE-2010-0011

The evaljs function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code...

Debian DSA-1886-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3079 'mozbugra4' discovered that a programming error in the FeedWriter...

Silverstripe <= v2.3.4: XSS vulnerabilities

No description provided by source. Silverstripe CMS, http://silverstripe.org/, version 2.3.4 and lower and its unreleased 2.4 branch, is vulnerable to two Cross Site Scripting issues. 1. The comment posting mechanism of Silverstripe 'PostCommentForm' fails to properly sanitize the 'CommenterURL'...

oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force

oBlog - Persistent Cross-Site Scripting Cross-Site Request Forgery Admin Brute Force ------------------------------------------------------------------------------------------------- Application: oBlog Version: the only one there is : Download: http://www.dootzky.com/images/projects/oBlog.zip...

Billwerx RC v3.1 Multiple Vulnerabilities

No description provided by source. Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the context o...

Mozilla Firefox Chrome Page Loading Restriction Bypass (CVE-2005-2706)

The Firefox and Mozilla web browsers are applications designed for tasks related to browsing the web, such as displaying HTML encoded pages, downloading files, and so on. The web browser implements security restrictions on the execution of scripts and access to certain resources based on the orig...

SuSE Security Update: Security update for Mozilla Firefox (firefox35upgrade-6562)

This update brings the Mozilla Firefox 3.5 webbrowser to version 3.5.3, the Mozilla XULRunner 1.9.0 engine to the 1.9.0.14 stable release, and the Mozilla XULRunner 1.9.1 engine to the 1.9.1.3 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 /...

[ONSEC-09-018] Twilight CMS XSS

http://onsec.ru/vuln?id=10 ONSEC-09-018 Twilight CMS XSS Цель: Twilight CMS Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 01.10.2009 Дата оповещения разработчика: 01.10.2009 Дата выхода исправления: 10.01.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-6495)

This update brings the Mozilla Firefox browser to the 3.0.14 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 / CVE-2009-30 / CVE-2009-3075: Mozilla developers and community members identified and...

[ONSEC-09-011] UMI.CMS Multiple XSS

ONSEC-09-011 UMI.CMS Multiple XSS Цель: UMI CMS =2.7.3 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 15.07.2009 Дата оповещения разработчика: 15.07.2009 Дата выхода исправления: 03.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимые поля...