Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.17 views

Microsoft Internet Explorer 5.0.1 File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25836/info Microsoft Internet Explorer is prone to an information-disclosure vulnerability that allows attackers to gain access to the contents of arbitrary files. This issue stems from a design error resulting from the...

7.1AI score
Exploits0
CVE
CVEadded 2007/10/26 7:0 p.m.50 views

CVE-2002-2311

Microsoft Internet Explorer 6.0 (and possibly others) is affected by CVE-2002-2311. The issue arises when a webpage contains a onkeydown handler that checks event.ctrlKey or event.shiftKey; with those keys pressed, a remote attacker can upload arbitrary file contents. This is the underlying vulne...

6.4CVSS7.2AI score0.09506EPSS
Exploits1References4Affected Software2
RedHat Linux
RedHat Linuxadded 2007/10/19 3:58 p.m.5 views

security flaw

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated ...

4.3CVSS5.8AI score0.02357EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2007/10/19 3:36 p.m.4 views

security flaw

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated ...

4.3CVSS5.8AI score0.02357EPSS
Exploits1References4
NVD
NVDadded 2007/10/01 5:17 a.m.19 views

CVE-2007-5158

The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to...

4.3CVSS6.3AI score0.15009EPSS
Exploits0References5
seebug.org
seebug.orgadded 2007/07/04 12:0 a.m.39 views

Mozilla FireFox OnKeyDown事件文件上传漏洞

Mozilla FireFox是一款流行的开源WEB浏览器。 FireFox在处理文件上传时存在漏洞,恶意网站可能利用此漏洞获取用户系统上的文件。 Firefox没有正确地处理表单字段的焦点,允许攻击者通过OnKeyDown事件将焦点从textarea字段更改至file upload字段,如果用户访问了恶意站点并向textarea输入表单键入了文件名的话,就可能将系统上的任意文件上传到恶意站点。 Mozilla Firefox 2.0.0.4 临时解决方法: 禁用JavaScript 厂商补丁: Mozilla -------...

7.1AI score
Exploits0
securityvulns
securityvulnsadded 2007/02/12 12:0 a.m.33 views

Microsoft Internet Explorer / Mozilla Firefox user input hijacking

It's possible to hijack input focus by using OnKeyDown / OnKeyPress events...

4CVSS2.7AI score0.09648EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder