19 matches found
EUVD-2014-7134
Malware in sbrugna...
EUVD-2014-7133
Malware in sbrugna...
EUVD-2014-7131
Malware in sbrugna...
EUVD-2014-7132
Malware in sbrugna...
CVE-2014-7262
Cross-site scripting XSS vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string...
CVE-2014-7261
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263...
CVE-2014-7260
The Server Side Includes SSI implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives...
Cross site scripting
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263...
Cross site scripting
Cross-site scripting XSS vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string...
Cross site scripting
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261...
Design/Logic Flaw
The Server Side Includes SSI implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives...
CVE-2014-7262
CVE-2014-7262 is a stored cross-site scripting (XSS) flaw in the Omake BBS component of the i-HTTPD web server. The flaw arises from improper processing of input character strings, enabling remote attackers to inject arbitrary script/HTML via crafted input (CWE-79). Impact is that an arbitrary sc...
CVE-2014-7261
CVE-2014-7261 affects i-HTTPD (Windows) via a flaw in processing the HTTP header that can lead to cross-site scripting (CWE-79). The connected JVN entry explicitly documents an XSS in the HTTP header handling and notes that this vulnerability is distinct from CVE-2014-7263 (directory-index render...
CVE-2014-7262
Cross-site scripting XSS vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string...
CVE-2014-7260
CVE-2014-7260 affects ULTRAPOP.JP i-HTTPD's File Upload BBS, where the Server Side Includes (SSI) implementation processes directives in uploaded files. The root cause is SSI handling that allows remote attackers to execute arbitrary commands by uploading crafted files containing SSI directives. ...
CVE-2014-7263
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261...
CVE-2014-7263
CVE-2014-7263 : i-HTTPD (Windows) contains a flaw in processing HTTP headers that enables cross‑site scripting via a crafted header. The vulnerability allows a remote attacker to induce arbitrary script execution in a user’s browser. The JVN entry notes this is a separate issue from CVE-2014-7261...
CVE-2014-7261
Cross-site scripting XSS vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263...
CVE-2014-7260
The Server Side Includes SSI implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives...