21 matches found
📄 MaNGOSWeb 4.0.6 Multi-Exploit Framework
A comprehensive penetration testing tool designed to identify and exploit multiple critical vulnerabilities in MangosWeb 4 version 4.0.6, a World of Warcraft emulator web interface. These include SQL injection, XML injection, file write vulnerabilities, and more...
EUVD-2007-2055
Malware in sbrugna...
EUVD-2019-15561
Malware in sbrugna...
EUVD-2017-16821
Malware in sbrugna...
EUVD-2007-0364
Malware in sbrugna...
EUVD-2009-3249
Malware in sbrugna...
EUVD-2013-4572
Malware in sbrugna...
EUVD-2010-3261
Malware in sbrugna...
CVE-2025-5015 Parsons AccuWeather Widget Cross-site Scripting
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2025-5015
CVE-2025-5015 : A cross-site scripting vulnerability exists in the Parsons AccuWeather widget and the Custom RSS widget, allowing an unauthenticated user to replace the RSS feed URL with a malicious one. Concrete details across sources confirm the affected components, the attack involves injectin...
CVE-2025-5015 Parsons AccuWeather Widget Cross-site Scripting
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2011-3999
Cross-site scripting XSS vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
K16882: OpenLDAP vulnerability CVE-2013-4449
Security Advisory Description Description The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service slapd crash by unbinding immediately after a search request, which triggers rwmconndestroy to free the...
CVE-2017-7846
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...
CVE-2017-7847
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird 52.5.2...
Format string
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...
CVE-2017-7846
CVE-2017-7846 affects Mozilla Thunderbird. The issue arises in parsing RSS feeds when viewed via website or default feed format, allowing JavaScript execution from the parsed feed (feed origin mailbox://). Published mitigations indicate Thunderbird versions up to 52.5.2 are affected, with fixes i...
OPENSUSE-SU-2017:3433-1 Security update for Mozilla Thunderbird
This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities: - CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin bsc1074043 - CVE-2017-7847: Local path string can be leaked from RSS feed bsc1074044 - CVE-2017-7848: RSS Feed vulnerable to new line...
CVE-2016-2212
The getOrderByStatusUrlKey function in the MageRssHelperOrder class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.9.2.3 allows remote attackers to obtain sensitive order information via the orderid in a JSON object ...
CVE-2015-1464
RT aka Request Tracker before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL...