Lucene search
K

221 matches found

Debian CVE
Debian CVE
added 2013/11/15 6:16 p.m.27 views

CVE-2013-2031

MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted as UTF-8 by Chrome and Firefox...

4.3CVSS6.6AI score0.02502EPSS
Exploits0
exploitpack
exploitpack
added 2013/08/07 12:0 a.m.93 views

McAfee SuperScan 4.0 - Cross-Site Scripting

McAfee SuperScan 4.0 - Cross-Site Scripting Trustwave SpiderLabs Security Advisory TWSL2013-024: Cross Site Scripting XSS vulnerability in McAfee Superscan 4.0 Published: 08/02/2013 Version: 1.0 Vendor: McAfee http://www.mcafee.com/ Product: SuperScan Version affected: v4.0 Product description:...

4.3CVSS6.2AI score0.0427EPSS
Exploits5
Packet Storm
Packet Storm
added 2013/08/07 12:0 a.m.69 views

McAfee Superscan 4.0 Cross Site Scripting

Trustwave SpiderLabs Security Advisory TWSL2013-024: Cross Site Scripting XSS vulnerability in McAfee Superscan 4.0 Published: 08/02/2013 Version: 1.0 Vendor: McAfee http://www.mcafee.com/ Product: SuperScan Version affected: v4.0 Product description: SuperScan 4 is a Windows port scanning tool...

4.3CVSS6.7AI score0.0427EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/08/07 12:0 a.m.85 views

McAfee SuperScan 4.0 - Cross-Site Scripting

Trustwave SpiderLabs Security Advisory TWSL2013-024: Cross Site Scripting XSS vulnerability in McAfee Superscan 4.0 Published: 08/02/2013 Version: 1.0 Vendor: McAfee http://www.mcafee.com/ Product: SuperScan Version affected: v4.0 Product description: SuperScan 4 is a Windows port scanning tool...

4.3CVSS7AI score0.0427EPSS
Exploits5
NVD
NVD
added 2012/08/23 10:32 a.m.29 views

CVE-2009-5120

The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via UTF-7 text to the 404...

4.3CVSS5.9AI score0.00942EPSS
Exploits0References1
Prion
Prion
added 2012/08/23 10:32 a.m.26 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Open Ticket Request System OTRS Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, 3.0.x before 3.0.6, and 3.1.x before 3.1.6, allow remote attackers to inject arbitrary web script or...

4.3CVSS6AI score0.04195EPSS
Exploits1References5Affected Software2
Cvelist
Cvelist
added 2012/08/23 10:0 a.m.33 views

CVE-2009-5120

The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via UTF-7 text to the 404...

5.9AI score0.00942EPSS
Exploits0References1
CVE
CVE
added 2012/08/23 10:0 a.m.62 views

CVE-2009-5120

Summary: CVE-2009-5120 concerns Websense Web Security 7.0 / Web Filter 7.0 using Apache Tomcat. The default Tomcat configuration in Websense Manager allows TCP connections to port 1812 from arbitrary source IPs, which is described as enabling cross-site scripting (XSS) via UTF-7 text to the 404 e...

4.3CVSS6AI score0.00942EPSS
Exploits0References1Affected Software2
Debian CVE
Debian CVE
added 2012/08/23 10:0 a.m.47 views

CVE-2012-2582

Multiple cross-site scripting XSS vulnerabilities in Open Ticket Request System OTRS Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, 3.0.x before 3.0.6, and 3.1.x before 3.1.6, allow remote attackers to inject arbitrary web script or...

4.3CVSS5.7AI score0.04195EPSS
Exploits1
OSV
OSV
added 2012/06/27 10:18 a.m.9 views

CVE-2011-4940

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

5.4AI score
Exploits0References12
Prion
Prion
added 2012/06/27 10:18 a.m.24 views

Cross site scripting

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

2.6CVSS5.9AI score0.03213EPSS
Exploits1References12Affected Software1
Cvelist
Cvelist
added 2012/06/27 10:0 a.m.32 views

CVE-2011-4940

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

5.3AI score0.03213EPSS
Exploits1References12
OSV
OSV
added 2012/06/27 10:0 a.m.12 views

PSF-2012-1 SimpleHTTPServer UTF-7

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

2.6CVSS5.4AI score0.03213EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2012/06/27 10:0 a.m.38 views

CVE-2011-4940

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

2.6CVSS6.6AI score0.03213EPSS
Exploits1
Debian
Debian
added 2012/05/08 7:28 p.m.8 views

[SECURITY] [DSA 2464-2] icedove regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-2464-2 [email protected] http://www.debian.org/security/ Florian Weimer May 08, 2012 http://www.debian.org/security/faq -...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/11/18 12:0 a.m.231 views

Apache HTTP Server 403 Error Page UTF-7 Encoded XSS

According to its banner, the version of Apache HTTP Server running on the remote host can be used in cross-site scripting XSS attacks. Making a specially crafted request can inject UTF-7 encoded script code into a 403 response page, resulting in XSS attacks. This is actually a web browser...

4.3CVSS7AI score0.54851EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2010/12/29 12:0 a.m.21 views

Ad Muncher 4.81 Cross Site Scripting

Hello Full-Disclosure! I want to warn you about Cross-Site Scripting vulnerability in Ad Muncher. In May I already wrote about universal XSS in Ad Muncher http://websecurity.com.ua/4202/, which allowed to conduct XSS attacks on any sites in any browsers. Which existed in versions before Ad Munche...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2010/12/28 12:0 a.m.36 views

XSS уязвимость в Ad Muncher

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в Ad Muncher. Ранее я уже сообщал об универсальной XSS в Ad Muncher http://websecurity.com.ua/4202/, которая существовала в версиях до Ad Muncher 4.71. Данная уязвимость позволяет обойти защитные фильтры программы и...

5.7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/12/15 9:19 a.m.2 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific UTF-7 encoded characters, which may result in cross-site scripting. Fo...

4.3CVSS5.8AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/12/15 12:0 a.m.37 views

JVN#30273074: Internet Explorer vulnerable to cross-site scripting

Microsoft Internet Explorer contains a vulnerability in handling specific UTF-7 encoded characters, which may result in cross-site scripting. Impact An arbitrary script may be executed. Solution Update the Software Apply the latest update according to the information provided by Microsoft. Produc...

4.3CVSS5.8AI score0.13615EPSS
Exploits0
Rows per page
Query Builder