8 matches found
EUVD-2009-0635
Malware in sbrugna...
Personal Address Book 2.0 File Upload
TITLE: Unauthenticated Remote File Upload via HTTP for Personal Address Book 2.0 on iOS Date: 8/1/2013 Author: Larry W. Cashdollar, @larry0 Download: https://itunes.apple.com/us/app/personal-address-book-helpful/id490328390?mt=8 http://www.tayutec.com/indexen.html Description: "Features: To creat...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...
CVE-2009-1729
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...
WEBO (Web ORGanizer) 1.0 - 'baseDir' Remote File Inclusion
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV67$2007 ----------------------------------------------------------------------------------------- ECHOADV67$2007 WEBO Web Organizer = 1.0 baseDir Remote File Inclusion Vulnerability...
Design/Logic Flaw
The "Add Sender to Address Book" operation AddSenderToAddressBook.lss and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted...
CVE-2006-1948
The "Add Sender to Address Book" operation AddSenderToAddressBook.lss and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted...
CVE-2006-1948
The CVE-2006-1948 entry affects IBM Lotus Notes 6.0 and 6.5 before 20060331. The issue stems from AddSenderToAddressBook.lss and NameHelper.lss not storing information in the Personal Address Book when multiple messages are selected and a message uses AltFrom, enabling user-assisted remote attack...