8 matches found
USN-4649-2 xdg-utils regression
USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Original advisory details: Jens Mueller discovered that xdg-utils incorrectly handl...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/article-collaboration.php by adding a question mark ? followed by the payload...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-article.php by adding a question mark ? followed by the payload...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/reply-ticket.php by adding a question mark ? followed by the payload...
CVE-2020-10418
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/manage-attachments.php by adding a question mark ? followed by the payload...
Spoofing
Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy settings and overwrite arbitrary files via crafted URL parameters, aka "Windows Essentials Improper URI Handling Vulnerability."...
CVE-2011-4879
miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle UR...
BitComet 1.02 - URI Handling Remote Denial of Service
source: https://www.securityfocus.com/bid/30255/info BitComet is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the application. Given the nature of this vulnerability, the attacker may also be able to execute arbitrary code, but this has not been confirme...