34 matches found
jonas-v.de XSS vulnerability
Open Bug Bounty ID: OBB-577328 Description| Value ---|--- Affected Website:| jonas-v.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Fixed in Apache Tomcat Native Connector 1.2.16
Note: The issue below was fixed in Apache Tomcat Native Connector 1.2.15 but the release vote for the 1.2.15 release candidate did not pass. Therefore, although users must download 1.2.16 to obtain a version that includes the fix for this issue, version 1.2.15 is not included in the list of...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
JOnAS 4.10.3 'select' Parameter Error Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33912/info JOnAS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Joe Jonas's Twitter Got Hacked !!
Joe Jonas braves the rain to go shopping at Fred Segal with a pal on Friday February 18 in West Hollywood, Calif. The same day, the 21-year-old singer's girlfriend, Ashley Greene, was spotted at LAX grabbing some Starbucks at LAX. Joe recently had to deal with some problems on his Twitter page...
[DSECRG-09-008] JOnAS(4.10.3) - Linked XSS Vulnerability
Digital Security Research Group DSecRG Advisory DSECRG-09-008 ------------------link to original advisory -------------------------- http://www.dsecrg.com/pages/vul/show.php?id=81 Application: JOnAS Java Open Application Server Versions Affected: JOnAS4.10.3 / Apache Tomcat 5.5.26 Vendor URL:...
JOnAS 4.10.3 - select Error Page Cross-Site Scripting
JOnAS 4.10.3 - select Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/33912/info JOnAS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
JOnAS Cross Site Scripting
Digital Security Research Group DSecRG Advisory DSECRG-09-008 ------------------link to original advisory -------------------------- http://www.dsecrg.com/pages/vul/show.php?id=81 Application: JOnAS Java Open Application Server Versions Affected: JOnAS4.10.3 / Apache Tomcat 5.5.26 Vendor URL:...
JOnAS 4.10.3 - 'select' Error Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/33912/info JOnAS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
CVE-2006-6394
SQL injection vulnerability in certain database classes in Jonas Gauffin Publicera 1.0-rc2 and earlier might allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2006-6393
CVE-2006-6393 is an XSS vulnerability in Jonas Gauffin Publicera 1.0-rc2 and earlier. The issue arises from InputFilter::getString, allowing remote attackers to inject arbitrary script/HTML via unspecified vectors. Documented impact is client-side data/script integrity and potential user interact...
CVE-2006-6394
The CVE-2006-6394 entry describes an SQL injection vulnerability in certain database classes of Jonas Gauffin Publicera 1.0-rc2 and earlier, potentially allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected software: Jonas Gauffin Publicera 1.0-rc2 and earl...
CVE-2006-6393
Cross-site scripting XSS vulnerability in Jonas Gauffin Publicera 1.0-rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the InputFilter::getString function...
USN-297-1: Thunderbird vulnerabilities
Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A malicious web site could exploit this to execute arbitrary code with the privileges of the user. MFSA 2006-35, CVE-2006-2775 Paul Nickerson discovered that content-defined setters ...