124 matches found
📄 CubeCart 6.x.x Cross Site Scripting
CubeCart versions prior to 6.7.0 suffer from a cross site scripting vulnerability. Exploit Title: CubeCart alert"Test!" 3- Press Enter. 4- Observe the alert box popping up on the screen, confirming the XSS execution. Alternative Direct Link:...
CVE-2023-54349
AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers can enter script tags in the search box to execute arbitrary JavaScript that fires when...
CVE-2018-25246 Wikipedia 12.0 Denial of Service via Search
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash...
CVE-2018-25246
CVE-2018-25246 details : Wikipedia 12.0 contains a denial-of-service vulnerability that lets unauthenticated attackers crash the application by submitting oversized input via the search functionality. An attacker can paste a large buffer of repeated characters into the search bar to trigger a cra...
EUVD-2018-21736
Microsoft VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of characters into the search bar to trigger an unhandled...
EUVD-2018-21732
Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an...
EUVD-2018-21744
Microsoft 7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash...
EUVD-2018-21735
Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to caus...
CVE-2018-25244
Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar and trigger a crash by initiating a...
CVE-2018-25240
Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the...
CVE-2018-25245 7 Tik 1.0.1.0 Denial of Service via Search
7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash...
CVE-2018-25245 7 Tik 1.0.1.0 Denial of Service via Search
7 Tik 1.0.1.0 contains a denial of service vulnerability that allows attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 7700 characters into the search bar to trigger an application crash...
CVE-2018-25244
Eco Search 1.0.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar and trigger a crash by initiating a...
CVE-2018-25243 FastTube 1.0.1.0 Denial of Service via Search
FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the search bar and trigger a crash when the search operation ...
CVE-2018-25244
The CVE-2018-25244 entry affects Microsoft Eco Search 1.0.2.0. A denial-of-service condition arises when an attacker with local access submits an excessively long string (buffer of ≥950 characters) in the search functionality, triggering a crash. Both CVSS-derived metrics indicate LOCAL attack v...
CVE-2018-25242
One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled exception...
CVE-2018-25241
VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of characters into the search bar to trigger an unhandled exception tha...
CVE-2018-25241
CVE-2018-25241 affects Microsoft VPN Browser+ 1.1.0.0 with a denial-of-service vulnerability: unauthenticated attackers can crash the app by submitting an oversized input in the search feature, triggering an unhandled exception. Documented CVSS details: CVSS 3.1 base score 7.5 (AV:N/AC:L/PR:N/UI:...
CVE-2018-25241 VPN Browser+ 1.1.0.0 Denial of Service
VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of characters into the search bar to trigger an unhandled exception tha...
CVE-2018-25240 Watchr 1.1.0.0 Denial of Service via Search
Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the...