17 matches found
EUVD-2021-13394
Malware in sbrugna...
EUVD-2024-30954
Malicious code in bioql PyPI...
CVE-2025-52462
Cross-site scripting vulnerability exists in Active! mail 6 BuildInfo: 6.30.01004145 to 6.60.06008562. If this vulnerability is exploited, an arbitrary script may be executed on the logged-in user's web browser when the user is accessing a specially crafted URL...
CVE-2025-41439
A reflected cross-site scripting vulnerability via a specific parameter exists in SLNX Help Documentation of RICOH Streamline NX. If this vulnerability is exploited, an arbitrary script may be executed in the web browser of the user who accessed the product...
CVE-2023-42436
Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product...
CVE-2021-32692
Activity Watch is a free and open-source automated time tracker. Versions prior to 0.11.0 allow an attacker to execute arbitrary commands on any macOS machine with ActivityWatch running. The attacker can exploit this vulnerability by having the user visiting a website with the page title set to a...
CVE-2020-29127
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user using any web browser, the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=XXXXXXXXXX=cgiPgOverview=en is visited from a different web...
CVE-2020-8954
OpenSearch Web browser 1.0.4.9 allows Intent Scheme Hijacking.a link that opens another app in the browser can be manipulated...
CVE-2012-2648
Cross-site scripting XSS vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser...
CVE-2024-52268
Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product...
CVE-2023-48642
Archer Platform 6.x before 6.13 P2 6.13.0.2 contains an authenticated HTML content injection vulnerability. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML code in a trusted application data store. When victim users access the data store through...
Formstone Vulnerable to Reflected XSS
Formstone =1.4.16 is vulnerable to a Reflected Cross-Site Scripting XSS vulnerability caused by improper validation of user supplied input in the upload-target.php and upload-chunked.php files. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in...
FlatNuke 2.5.5 structure.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14483/info FlatNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities t...
Apple Safari 1.2 Web Browser - TABLE Status Bar URI Obfuscation
Apple Safari 1.2 Web Browser - TABLE Status Bar URI Obfuscation source: https://www.securityfocus.com/bid/11573/info A URI obfuscation weakness reportedly affects the Apple Safari Web Browser. This issue may be leveraged by an attacker to display false information in the status bar of an...
Softshoe - Parse-file Cross-Site Scripting
source: https://www.securityfocus.com/bid/8294/info Softshoe is allegedly prone to cross-site scripting attacks. An attacker can exploit this issue by creating a malicious link that contains hostile HTML or script code to a site that is hosting the vulnerable software. If such a link is visited,...
Drupal 4.1/4.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/8235/info The Drupal content management system is prone to a cross-site scripting vulnerability. This issue is exposed through the main page and through other sub-pages. An attacker may exploit this issue by including hostile HTML and script code in a...
msie.5.0.egg.txt
From: "Gibney, Tim" Subject: Not the place but... ...try it anyway. Heh... try this in IE5. Trust me the last part is good : Open up IE5 From the menu, select Tools Internet Options General tab Languages button Press 'Add' Type: "ie-ee" without the quotes and click 'OK' Move "User Defined ie-ee" ...