Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

108 matches found

UbuntuCve
UbuntuCveadded 2006/04/20 10:2 p.m.29 views

CVE-2006-1942

Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into...

5.1CVSS5.9AI score0.02536EPSS
Exploits0References1
Prion
Prionadded 2006/02/14 7:6 p.m.16 views

Buffer overflow

Buffer overflow in the plug-in for Microsoft Windows Media Player WMP 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src...

9.3CVSS7.9AI score0.43588EPSS
Exploits8References10Affected Software5
NVD
NVDadded 2006/02/04 2:2 a.m.21 views

CVE-2006-0544

urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 aka 7.0.5296.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" dash of hyphen characters...

7.5CVSS7.7AI score0.2207EPSS
Exploits1References2
Prion
Prionadded 2006/01/22 8:3 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in MyBulletinBoard MyBB allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as...

4.3CVSS6AI score0.01365EPSS
Exploits1References6Affected Software1
CVE
CVEadded 2006/01/13 11:0 p.m.47 views

CVE-2006-0198

CVE-2006-0198 describes a Cross-site scripting (XSS) vulnerability in a XOOPS module (possibly poll or Pool) where remote attackers can inject arbitrary web script or HTML via the SRC attribute of an IMG element in a comment. The issue is documented with a MEDIUM base score (4.3) and partial inte...

4.3CVSS5.8AI score0.01645EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2006/01/11 9:0 p.m.21 views

CVE-2005-4644

Cross-site scripting XSS vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag...

5.4AI score0.01475EPSS
Exploits1References8
CVE
CVEadded 2004/09/01 4:0 a.m.40 views

CVE-2002-1493

The CVE-2002-1493 entry describes a cross-site scripting (XSS) vulnerability in the Lycos HTMLGear guestbook. The flaw allows remote attackers to inject arbitrary JavaScript via (1) STYLE attributes or (2) SRC attributes in an IMG tag. The provided sources confirm the vulnerability description bu...

4.3CVSS6.2AI score0.01736EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2002/06/11 4:0 a.m.46 views

CVE-2002-0591

CVE-2002-0591 refers to a directory-traversal vulnerability in AOL Instant Messenger (AIM) up to and including version 4.8 beta and earlier . The flaw allows a remote attacker to create arbitrary files and execute commands via a Direct Connection using an IMG tag with a SRC attribute that specifi...

5CVSS7.6AI score0.11634EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder