21 matches found
📄 MaNGOSWeb 4.0.6 Multi-Exploit Framework
A comprehensive penetration testing tool designed to identify and exploit multiple critical vulnerabilities in MangosWeb 4 version 4.0.6, a World of Warcraft emulator web interface. These include SQL injection, XML injection, file write vulnerabilities, and more...
EUVD-2013-4572
Malware in sbrugna...
EUVD-2017-16821
Malware in sbrugna...
EUVD-2007-0364
Malware in sbrugna...
EUVD-2007-2055
Malware in sbrugna...
EUVD-2009-3249
Malware in sbrugna...
EUVD-2010-3261
Malware in sbrugna...
EUVD-2019-15561
Malware in sbrugna...
CVE-2025-5015 Parsons AccuWeather Widget Cross-site Scripting
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2025-5015 Parsons AccuWeather Widget Cross-site Scripting
A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one...
CVE-2025-5015
CVE-2025-5015 : A cross-site scripting vulnerability exists in the Parsons AccuWeather widget and the Custom RSS widget, allowing an unauthenticated user to replace the RSS feed URL with a malicious one. Concrete details across sources confirm the affected components, the attack involves injectin...
CVE-2011-3999
Cross-site scripting XSS vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed...
K16882: OpenLDAP vulnerability CVE-2013-4449
Security Advisory Description Description The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service slapd crash by unbinding immediately after a search request, which triggers rwmconndestroy to free the...
CVE-2017-7847
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird 52.5.2...
CVE-2017-7846
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...
Format string
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View - Feed article - Website" or in the standard format of "View - Feed article - default format". This vulnerability affects Thunderbird 52.5.2...
CVE-2017-7846
CVE-2017-7846 affects Mozilla Thunderbird. The issue arises in parsing RSS feeds when viewed via website or default feed format, allowing JavaScript execution from the parsed feed (feed origin mailbox://). Published mitigations indicate Thunderbird versions up to 52.5.2 are affected, with fixes i...
OPENSUSE-SU-2017:3433-1 Security update for Mozilla Thunderbird
This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities: - CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin bsc1074043 - CVE-2017-7847: Local path string can be leaked from RSS feed bsc1074044 - CVE-2017-7848: RSS Feed vulnerable to new line...
CVE-2016-2212
The getOrderByStatusUrlKey function in the MageRssHelperOrder class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.9.2.3 allows remote attackers to obtain sensitive order information via the orderid in a JSON object ...
CVE-2015-1464
RT aka Request Tracker before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL...