Cross-site Scripting (XSS)

Overview Kentico.Xperience.AspNet.Mvc5.Libraries is an assemblies required to use the Kentico Xperience API in class libraries developed for ASP.NET MVC 5 applications. Does not include content items or other modifications intended for the MVC web application itself. Affected versions of this...

Cross-site Scripting (XSS)

Overview Kentico.Xperience.AspNetCore.WebApp is an assemblies and content items required to integrate Kentico Xperience into ASP.NET Core applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the CheckBox.cshtml view rendering. An attacker can execute...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the HtmlGenerator class. An attacker can inject malicious scripts into web pages by manipulating the color and text properties of MotdItem objects while generating HTML content. Workaround Users who are not...

CVE-2024-47765 Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS

Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting XSS attack through a parsed malformed Minecraft server MOTD. The HtmlGenerator iterates through objects of MotdItem that are contained in an object of...

CVE-2015-8823

Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before...

Design/Logic Flaw

Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before...

CVE-2015-8823

Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before...

Winzip 15.0 WZFLDVW.OCX Text Property Denial of Service

No description provided by source. Exploit Title: Winzip WZFLDVW.OCX text property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/ Twitter :...

WinZip 15.0 - WZFLDVW.OCX Text Property Denial of Service

Exploit Title: Winzip WZFLDVW.OCX text property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/ Twitter : http://twitter.com/FadyOsman 'Wscript.echo...

WinZip 15.0 - WZFLDVW.OCX Text Property Denial of Service

WinZip 15.0 - WZFLDVW.OCX Text Property Denial of Service Exploit Title: Winzip WZFLDVW.OCX text property access violation Author: fady mohamed osman Software Link : http://www.winzip.com/downwz.htm Version: 15.0 Build 9334 Tested on: Win XP Sp2 CVE : N/A Website : http://www.darkmasters.co.cc/...

CVE-2007-3579

PHPIDS before 20070703 does not properly handle setting the .text property of a SCRIPT element before its attachment to the DOM, which allows remote attackers to inject arbitrary web script...