CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7 matches found

Prion•added 2008/12/12 6:30 p.m.•15 views

Cross site scripting

The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks via a CRLF sequence in conjunction with a crafted Content-Type header, as demonstrated by a header with a utf-7 charset value. NOTE: the vendor has...

4.3CVSS6.2AI score0.11565EPSS

Exploits0References3Affected Software1

Packet Storm•added 2007/12/29 12:0 a.m.•22 views

google-utf7xss.txt

XSS with UTF-7 in Google XSS with UTF-7 was found in www.google.com already fixed. Although charset was specified in HTTP response header, but charset-name was incorrect so XSS occurred. PoC: http://www.google.com/search?hl=en&oe=cp932&q=%2BADw-script%2BAD4-alert...

UbuntuCve•added 2007/09/14 12:17 a.m.•28 views

CVE-2007-4465

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS6.9AI score0.26188EPSS

Exploits0References3

Prion•added 2007/09/14 12:17 a.m.•27 views

Cross site scripting

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

4.3CVSS5.5AI score0.26188EPSS

Exploits0References42Affected Software1

OSV•added 2007/09/14 12:17 a.m.•6 views

CVE-2007-4465

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

Exploits0References47

Vulnrichment•added 2007/09/14 12:0 a.m.•11 views

CVE-2007-4465

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6AI score0.26188EPSS

Exploits0References42

Debian CVE•added 2007/09/14 12:0 a.m.•33 views

CVE-2007-4465

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS5.5AI score0.26188EPSS

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by