133 matches found
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability (Linux)
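This host has IBM Lotus Notes installed and is prone to an HTML Injection vulnerability. OpenVAS Vulnerability Test $Id: secpodibmlotusnoteshtmlinjvulnlin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability Linux Authors: Antu Sanadi Copyright:...
IBM Lotus Notes RSS Reader HTML Injection Vulnerability
BUGTRAQ ID: 36305 Lotus Notes is an integrated mail, calendar, instant messaging, browser and business collaboration application developed by IBM that can be used as a desktop client for Lotus Domino server applications. Lotus Notes provides a number of widgets that users can choose to add and enable, one of which is an RSS reader. This reader downloads RSS files, extracts the items in them and saves them locally as HTML files. Because the locally saved files run in the Local Intranet zone in Internet Explorer, script injected into RSS items runs with elevated privileges when the items are interpreted and displayed. IBM Lotus Notes 8.5 Vendor patch: IBM ---...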
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability (Windows)
This host has IBM Lotus Notes installed and is prone to an HTML Injection vulnerability. OpenVAS Vulnerability Test $Id: secpodibmlotusnoteshtmlinjvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability Windows Authors: Antu Sanadi Copyright:...
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability - Linux
IBM Lotus Notes is prone to an HTML Injection vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability - Windows
IBM Lotus Notes is prone to an HTML Injection vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K...
CVE-2009-3114
The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K...
CVE-2009-3114
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability (CVE-2009-3114) affects Lotus Notes 8.0/8.5 RSS reader widget. The flaw causes local HTML documents to be saved from RSS items, enabling remote attackers to execute arbitrary script in Internet Explorer’s Local Machine Zone via a craf...
[Full-disclosure] [NETRAGARD SECURITY ADVISORY] [< Safari 3.2.3 Arbitrary Code Execution + PoC ][NETRAGARD-20090622]
NETRAGARD ADVISORY http://www.netragard.com "The Specialist in Anti- Hacking" Advisory Summary --------------------------------------------------------------------------------------------------- Advisory Author : Adriel T. Desautels Researcher : Kevin Finisterre Advisory ID : NETRAGARD-20090622...
MagpieRSS Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -= MagpieRSS Multiple XSS Vulnerabilities =- May 6, 2009 Author: Justin C. Klein Keane Software: MagpieRSS http://magpierss.sourceforge.net/ Version Tested: magpierss-0.72 Vendor notified Full details can also be found at...
CVE-2008-6570
Cross-site scripting XSS vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed...
CVE-2008-6570
CVE-2008-6570 describes an XSS vulnerability in Cybozu Garoon’s RSS reader (versions 2.0.0–2.1.3). A crafted RSS feed could inject arbitrary JavaScript/HTML, potentially executing in the victim’s browser. Root cause: insufficient sanitization/unescaped content in RSS feed handling. Impact is user...
FeedDemon (ver<=2.7) Buffer Overflow Vulnerability
The vulnerability was found in the processing of OPML Outline Processor Markup Language file, which is an XML format for outlines used by RSS reader to store and manage RSS feeds. With OPML, users can easily share their RSS feed lists with others or export these lists to use in other RSS feed...
[SVRT-02-09] FeedDemon (ver<=2.7) Buffer Overflow Vulnerability
Title : FeedDemon Buffer OverFlow Vulnerability 1. General Information FeedDemon is known as the most popular Windows RSS Reader which allows users to view and manage easily RSS feeds from their desktop. In January 2009, SVRT-BKIS detected a buffer overflow vulnerability in this software. Taking...
CVE-2008-5053
PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter...
Immunity Canvas: JOOMLARSS_RFI
Name| joomlarssrfi ---|--- CVE| CVE-2008-5053 Exploit Pack| CANVAS Description| Joomla Simple RSS Reader Remote File Include Notes| CVSS: 10.0 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-5053 CVE Name: CVE-2008-5053...
CVE-2008-5053
PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter...
CVE-2008-5053
CVE-2008-5053 affects the Joomla! Simple RSS Reader (com_rssreader) 1.0. The vulnerability is a PHP remote file inclusion in admin.rssreader.php that allows an attacker to execute arbitrary PHP code by supplying a URL to mosConfig_live_site. The NVD entry lists a critical severity (CVSS v2: AV:N/...
Joomla Component Simple RSS Reader 1.0 RFI Vulnerability
No description provided by source. ================================================================================================================================ o Simple RSS Reader Component 1.0 Remote File Inclusion Vulnerability Software : comrssreader version 1.0 Vendor :...
Joomla! Component Simple RSS Reader 1.0 - Remote File Inclusion
Joomla! Component Simple RSS Reader 1.0 - Remote File Inclusion ================================================================================================================================ o Simple RSS Reader Component 1.0 Remote File Inclusion Vulnerability Software : comrssreader version 1....