KnowledgeTree 3.5.2 Community Edition Permanent XSS Vulnerability

Exploit for php platform in category web applications ================================================================= KnowledgeTree 3.5.2 Community Edition Permanent XSS Vulnerability ================================================================= Exploit Title: KnowledgeTree 3.5.2 Community...

XSS vulnerability in Amethyst

Vulnerability ID: HTB22501 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamethyst1.html Product: Amethyst Vendor: Hulihan Applications http://hulihanapplications.com/projects/amethyst Vulnerable Version: 0.1.5 and Probably Prior Versions Vendor Notification: 22 July 2010...

XSS vulnerability in DT Centrepiece

Vulnerability ID: HTB22519 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityindtcentrepiece.html Product: DT Centrepiece Vendor: DT Services http://www.dt.net.nz/ Vulnerable Version: 4.5 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: XSS Cross Site...

XSS vulnerability in SiteLoom CMS

Vulnerability ID: HTB22516 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsiteloomcms.html Product: SiteLoom CMS Vendor: SiteLoom ApS http://www.siteloom.dk/ Vulnerable Version: Current at 21.07.2010 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: X...

Amethyst 0.1.5 - Cross-Site Scripting

Vulnerability ID: HTB22502 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamethyst2.html Product: Amethyst Vendor: Hulihan Applications http://hulihanapplications.com/projects/amethyst Vulnerable Version: 0.1.5 and Probably Prior Versions Vendor Notification: 22 July 2010...

Amethyst 0.1.5 - Cross-Site Scripting

Amethyst 0.1.5 - Cross-Site Scripting Vulnerability ID: HTB22502 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamethyst2.html Product: Amethyst Vendor: Hulihan Applications http://hulihanapplications.com/projects/amethyst Vulnerable Version: 0.1.5 and Probably Prior Versions Vendor...

CVE-2010-1215

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper aka SJOW wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object...

Design/Logic Flaw

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper aka SJOW wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object...

CVE-2010-1796

The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...

Internet Explorer Script Engine Stack Exhaustion (CVE-2006-0753)

A stack exhaustion vulnerability exists in the Microsoft Internet Explorer Script Engine. The flaw is caused by certain types of recursive function calls in Javascript code. An attacker can exploit this vulnerability to cause a denial of service condition of the vulnerable application. In an atta...

CVE-2010-1215

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper aka SJOW wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object...

XSS vulnerability in WebPress

Vulnerability ID: HTB22480 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwebpress2.html Product: WebPress Vendor: YWP http://www.goywp.com/ Vulnerable Version: Current at 01.07.2010 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...

XSS vulnerability in WebPress

Vulnerability ID: HTB22478 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwebpress.html Product: WebPress Vendor: YWP http://www.goywp.com/ Vulnerable Version: Current at 01.07.2010 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...

PHPFaber CMS 2.0.5 Cross Site Scripting

Author: prodigy Date found: 4/07/2010 Software: PHPFaber Content Management System Vendor: www.phpfaber.com version: 2.0.5 Vulnerability founded: Multiple XSS Vulnerabilities Risk: Medium Impact: Malicious attackers can run javascript code into the page to perform phising attacks and cookie...

XSS vulnerability in Scribe CMS

Vulnerability ID: HTB22420 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinscribecms.html Product: Scribe CMS Vendor: Sigmer Technologies Vulnerable Version: Current at 03.06.2010 and Probably Prior Versions Vendor Notification: 07 June 2010 Vulnerability Type: XSS Cross Site Scripti...

CuteSITE CMS 1.5.0 Cross Site Scripting

Vulnerability ID: HTB22397 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincutesitecms.html Product: CuteSITE CMS Vendor: AMT Company Vulnerable Version: 1.5.0 and Probably Prior Versions Vendor Notification: 20 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...

boastMachine 3.1 Cross Site Scripting

Vulnerability ID: HTB22399 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinboastmachine.html Product: boastMachine Vendor: Kailash Nadh Vulnerable Version: 3.1 and Probably Prior Versions Vendor Notification: 20 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...

Mozilla Firefox 'IFRAME' Denial Of Service vulnerability (Windows)

The host is installed with Mozilla Firefox browser and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmozillafirefoxiframedosvulnwin.nasl 5323 2017-02-17 08:49:23Z teissa $ Mozilla Firefox 'IFRAME' Denial Of Service vulnerability Windows Authors: Antu Sanadi...

Microsoft Internet Explorer 'IFRAME' Denial Of Service Vulnerability (Jun 2010)

Internet Explorer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-2119

The CVE-2010-2119 entry concerns Microsoft Internet Explorer 6.0.2900.2180, where JavaScript code that loops infinitely to create IFRAME elements for invalid nntp:// URIs can cause a denial of service through resource consumption. Connected sources corroborate a DoS condition in IE triggered by i...