Description of the security update for SharePoint Server Subscription Edition: July 9, 2024 (KB5002606)

Description of the security update for SharePoint Server Subscription Edition: July 9, 2024 KB5002606 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, Microsoft SharePoint remote code execution vulnerability, and Microsoft SharePoint Server...

JReviews <= 4.1.5 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting https://example.com/top-user-rated-listings?listview=2&q%22%3e%3cscript%3ealert1%3c%2fscript%3e=1...

July 13, 2021-KB5003537 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, and Windows Server, version 20H2, and Windows Version 21H1

July 13, 2021-KB5003537 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, and Windows Server, version 20H2, and Windows Version 21H1 Release Date: July 13, 2021 Version: .NET Framework 3.5 and 4.8 The July 13, 20...

Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)

This host is missing a critical security update according to Microsoft Bulletin MS12-027. OpenVAS Vulnerability Test $Id: secpodms12-027.nasl 5366 2017-02-20 13:55:38Z cfi $ Microsoft Windows Common Controls Remote Code Execution Vulnerability 2664258 Authors: Sooraj KS Copyright: Copyright c 201...

Design/Logic Flaw

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

CVE-2012-0158

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

Command injection

The ListView control in the Client GUI AClient.exe in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to 1 overwrite the CommandLine...

CVE-2008-6827

The ListView control in the Client GUI AClient.exe in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to 1 overwrite the CommandLine...

Sql injection

SQL injection vulnerability in the dashboard include/utils/SearchUtils.php in vtiger CRM before 5.0.3 allows remote authenticated users to execute arbitrary SQL commands via the assigneduserid parameter in a Potentials ListView action to index.php...

CVE-2007-3603

SQL injection vulnerability in the dashboard include/utils/SearchUtils.php in vtiger CRM before 5.0.3 allows remote authenticated users to execute arbitrary SQL commands via the assigneduserid parameter in a Potentials ListView action to index.php...