WordPress < 4.4.1 class-wp-theme.php XSS

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.4.1. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input to the file wp-includes/class-wp-theme.php before...

Microsoft Exchange Server CVE-2016-0029 Spoofing Vulnerability

Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Microsoft Exchange Server 2016 is...

Atlassian Confluence XSS and Insecure Direct Object Reference Vulnerabilities

Atlassian Confluence is prone to cross site scripting and insecure direct object reference vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

SurgeFTP Multiple XSS Vulnerabilities (Nov 2015) - Active Check

SurgeFTP Server is prone to multiple stored cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mozilla Firefox Multiple Vulnerabilities (Dec 2015) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

zTree Cross Site Scripting Vulnerability

zTree is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ztreeproject:ztree";...

OSSEC Web UI 'searchid' Parameter Cross Site Scripting Vulnerability

OSSEC Web UI is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Microsoft Internet Explorer Multiple Vulnerabilities (3116180)

This host is missing a critical security update according to Microsoft Bulletin MS15-124. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Internet Explorer XSS Filter CVE-2015-6164 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute arbitrary script...

Microsoft Edge XSS Filter CVE-2015-6176 Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute arbitrary script code in the...

Microsoft Edge CVE-2015-6169 Spoofing Vulnerability

Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge Microsoft...

Microsoft Internet Explorer XSS Filter CVE-2015-6138 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. They can then execute arbitrary script code in the context of th...

Mozilla Firefox for Android < 42.0 Multiple Vulnerabilities

Binary data 9019.prm...

VLC Media Player Web Interface Cross Site Scripting Vulnerability (Dec 2015) - Windows

VLC media player is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Mozilla Firefox Multiple Vulnerabilities (Nov 2015) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

UDID v1.0 iOS - Persistent Mail Encode Vulnerability

Document Title: =============== UDID v1.0 iOS - Persistent Mail Encode Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1590 Release Date: ============= 2015-09-22 Vulnerability Laboratory ID VL-ID: ==================================== 1590...

Revive Adserver < 3.2.2 Multiple Vulnerabilities (REVIVE-SA-2015-001)

Revive Adserver is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

WordPress Pie Register Cross-Site Scripting Vulnerability

wordpress pie register plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

DNN (DotNetNuke) < 7.4.2 Multiple Vulnerabilities

The version of DNN installed on the remote host is affected by multiple vulnerabilities : - An unspecified cross-site scripting vulnerability exists due to a failure to properly sanitize content used by the tabs control. An unauthenticated, remote attacker can exploit this to execute arbitrary...

Joomla CMS 'login' Module XSS Vulnerability

Joomla is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...