Microsoft Windows: Turn on Script Execution

This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run. If you enable this policy setting, the scripts selected in the drop-down list are allowed to run. The SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpt...

Microsoft Windows: Script Execution

This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run. If you enable this policy setting, the scripts selected in the drop-down list are allowed to run. The Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpte...

SAP NetWeaver WebDynpro Java Cross-Site Scripting Vulnerability

SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A cross-site scripting vulnerability exists in SAP NetWeaver, which arises from a failure to properly sanitize user-supplied input and can be exploited by a remote attacker to execute arbitrary script...

Cisco Tetration Analytics Cross-Site Scripting Vulnerability

Cisco Tetration Analytics is a hybrid cloud workload protection solution. The product features trust whitelisting, software vulnerability detection and network performance monitoring. A cross-site scripting vulnerability exists in the web-based management interface in Cisco Tetration Analytics,...

CVE-2018-0675

AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors...

CVE-2018-0675

AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors...

CVE-2018-0674

AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors...

CVE-2018-0674

AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors...

Design/Logic Flaw

AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors...

Design/Logic Flaw

AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors...

CVE-2018-0675

CVE-2018-0675 affects AttacheCase up to version 3.3.0.0 (and earlier). The vulnerability allows arbitrary script execution via crafted settings, specifically when a malicious ATCCase.ini is placed in the same folder as the ATC file and the file is decrypted. The root cause is tied to handling of ...

CVE-2018-0674

CVE-2018-0674 affects AttacheCase, a file‑encryption tool by HiBARA Software. Vulnerability: when a specially crafted AtcCase.ini is in the same folder as the ATC file, decryption can trigger execution of an arbitrary script, enabling a remote unauthenticated attacker to run code. Affected: Attac...

AttacheCase Arbitrary Code Execution Vulnerability

AttacheCase is a suite of file encryption software. An arbitrary code execution vulnerability exists in AttacheCase, which can be exploited by a remote, unauthenticated attacker to execute arbitrary scripts...

AttacheCase vulnerable to arbitrary script execution

Overview AttacheCase is an open source file encryption software provided by HiBARA Software. If a setting file AtcCase.ini is specially crafted and it resides in the same folder where ATC file resides, it is leveraged to execute an arbitrary script when ATC file is decrypted. Taizoh Tsukamoto of...

JVN#02037158: AttacheCase vulnerable to arbitrary script execution

AttacheCase is an open source file encryption software provided by HiBARA Software. If a setting file AtcCase.ini is specially crafted and it resides in the same folder where ATC file resides, it is leveraged to execute an arbitrary script when ATC file is decrypted. Impact A remote unauthenticat...

Movable Type vulnerable to cross-site scripting

Overview Movable Type provided by Six Apart, Ltd. is a content management system. Movable Type contains a cross-site scripting vulnerability CWE-79. ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

DuckDuckGo: XSS in Subdomain of DuckDuckGo

A cross-site scripting vulnerability was discovered in a subdomain of DuckDuckGo. The subdomain had a Content Security Policy header intended to prevent script execution, but this could be bypassed in Internet Explorer. As a result, malicious scripts could be injected and executed in the...

Cisco Small Business 300 Series (Sx300) Managed Switches Cross-Site Scripting Vulnerability

Cisco Small Business 300 Series Sx300 Managed Switches is a 300 series switch device from the American company Cisco Cisco. A cross-site scripting vulnerability exists in the web-based management interface of the Cisco Small Business 300 Series Sx300 Managed Switches, which stems from the interfa...

CA API Developer Portal Cross-Site Scripting Vulnerability (CNVD-2018-17503)

CA API Developer Portal is a set of CA's API Application Programming Interface query function for software developers. A cross-site scripting vulnerability exists in CA API Developer Portal version 4.x, versions prior to 4.2.5.3, and versions prior to 4.2.7.1, which originates when the program...

IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability

IBM Rational DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM, USA. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users, servers and project...