360 Web Manager 3.0 Cross Site Scripting

Vulnerability ID: HTB22377 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityin360webmanager.html Product: 360 Web Manager Vendor: 360 Web Manager Vulnerable Version: 3.0 Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted,...

Google Chrome 'IFRAME' Denial Of Service Vulnerability

This host is installed with Google Chrome and is prone to Denial Of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromeiframedosvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome 'IFRAME' Denial Of Service Vulnerability Authors: Antu Sanadi Updated By: Madhuri D on...

RazorCMS 1.0 - '/admin/index.php' HTML Injection

source: https://www.securityfocus.com/bid/40373/info razorCMS is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to ste...

RazorCMS 1.0 - adminindex.php HTML Injection

RazorCMS 1.0 - adminindex.php HTML Injection source: https://www.securityfocus.com/bid/40373/info razorCMS is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected...

XSS vulnerability in LiSK CMS

Vulnerability ID: HTB22372 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinproduct.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 05 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting Vendor...

Design/Logic Flaw

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service memory consumption and application crash via JavaScript code that creates multiple arrays containing elements with long string values, and then appends long strings to the content of a P element, related ...

CVE-2010-1988

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than...

NPDS REvolution Cross Site Scripting

Vulnerability ID: HTB22363 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinnpds.html Product: NPDS REvolution Vendor: NPDS Vulnerable Version: REvolution 10.02 and Probably Prior Versions Vendor Notification: 29 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixe...

VMware Portal 3.1 Cross Site Scripting

DSECRG-09-058 Vmware View - XSS vulnerability Linked XSS in VMware Portal Digital Security Research Group DSecRG Advisory DSECRG-09-058 Application: VMware View Portal Versions Affected: alert/XSS/.source Solution Update VmWare View to version 3.1.3 References...

Saurus CMS 4.7.0 Cross Site Scripting

Vulnerability ID: HTB22361 Reference: http://www.htbridge.ch/advisory/xssinsauruscms.html Product: Saurus CMS Community Editon Vendor: Saurused Ltd Vulnerable Version: 4.7.0 Vendor Notification: 27 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting...

XSS vulnerability in EasyPublish CMS

Vulnerability ID: HTB22356 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityineasypublishcms.html Product: EasyPublish CMS Vendor: Escio AS Vulnerable Version: Current at 23.04.2010 and Probably Prior Versions Vendor Notification: 23 April 2010 Vulnerability Type: XSS Cross Site Scripti...

Acuity CMS 2.6.2 Cross Site Scripting

Vulnerability ID: HTB22352 Reference: http://www.htbridge.ch/advisory/xssinacuitycms.html Product: Acuity CMS asp version Vendor: The Collective Vulnerable Version: 2.6.2 ASP and Probably Prior Versions Vendor Notification: 19 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not...

Microsoft SharePoint Server 2007 - Cross-Site Scripting

Microsoft SharePoint Server 2007 - Cross-Site Scripting Vulnerability ID: HTB22350 Reference: http://www.htbridge.ch/advisory/xssinmicrosoftsharepointserver2007.html http://www.microsoft.com/technet/security/advisory/983438.mspx Product: Microsoft SharePoint Server 2007 Vendor: Microsoft...

Ubuntu Update for moin vulnerabilities USN-925-1

Ubuntu Update for Linux kernel vulnerabilities USN-925-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9251.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for moin vulnerabilities USN-925-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Microsoft Internet Explorer Denial of Service Vulnerability (Mar 2010)

Internet Explorer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Internet Explorer Denial of Service Vulnerability - Mar10

This host is installed with Internet Explorer and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: secpodmsiedosvulnmar10.nasl 5394 2017-02-22 09:22:42Z teissa $ Microsoft Internet Explorer Denial of Service Vulnerability - Mar10 Authors: Antu Sanadi Copyright: Copyrig...

CVE-2010-1127

Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted JavaScript code, as demonstrated by setting the 1...

CVE-2010-1127

CVE-2010-1127 affects Microsoft Internet Explorer 6 and 7. The vulnerability arises when executing the createElement method, where certain data structures are not initialized, enabling a remote attacker to cause a denial of service via crafted JavaScript. Specifically, setting the (1) outerHTML o...

Code injection

The evaljs function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code...

CVE-2010-0011

The evaljs function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code...