7422 matches found
CVE-2004-2083
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."...
PHPGedView 2.5/2.6 - 'calendar.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11907/info It is reported that PhpGedView is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue could permit a remote attacker to create a malicious...
Private Message System 2.x - 'index.php?Page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9308/info Private Message System is prone to a cross-site scripting vulnerability. This issue may be exploited by creating a malicious link to a site hosting the software with hostile HTML and script code embedded in URI parameters. If the link is followe...
L-Soft 1.8 - Listserv Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/9307/info Multiple cross-site scripting vulnerabilities have been reported in L-Soft Listserv. An attacker may exploit these issues by embedding hostile HTML and script code in a link to a site hosting the software. This could permit theft of cookie-based...
Cross-site scripting vulnerability in SARA v<=4.2.7
XSS Vulnerability in Security Auditor's Research Assistant SARA versions before 5.0.0 Affects: SARA versions 4.2.6 and 4.2.7. Older versions not tested, presumably affected. Related software sharing common ancestry: SATAN 1.1.1 would not run properly on my test platform, but checking the code it...
Opera: buffer overflows in 7.11 and 7.20
Background Opera is a multi-platform web browser. Description The Opera browser can cause a buffer allocated on the heap to overflow under certain HREFs when rendering HTML. The mail system is also deemed vulnerable and an attacker can send an email containing a malformed HREF, or plant the...
Opera Web Browser 7.x - URI Handler Directory Traversal
Opera Web Browser 7.x - URI Handler Directory Traversal source: https://www.securityfocus.com/bid/9021/info It has been reported that Opera is vulnerable to a directory traversal issue that may allow an attacker to access sensitive information. The problem presents itself due to insufficient...
Opera Web Browser 7.x - URI Handler Directory Traversal
source: https://www.securityfocus.com/bid/9021/info It has been reported that Opera is vulnerable to a directory traversal issue that may allow an attacker to access sensitive information. The problem presents itself due to insufficient sanitization of user-supplied data through the 'Opera:' URI...
PBLang 4.04.56 Bulletin Board System - IMG Tag HTML Injection
PBLang 4.04.56 Bulletin Board System - IMG Tag HTML Injection source: https://www.securityfocus.com/bid/8286/info PBLang is prone to an HTML injection vulnerability. An attacker may exploit this issue by including hostile HTML and script code encapsulated in PBLang tags, when posting to the...
Softshoe - Parse-file Cross-Site Scripting
source: https://www.securityfocus.com/bid/8294/info Softshoe is allegedly prone to cross-site scripting attacks. An attacker can exploit this issue by creating a malicious link that contains hostile HTML or script code to a site that is hosting the vulnerable software. If such a link is visited,...
e107 Website System 0.554 - HTML Injection
source: https://www.securityfocus.com/bid/8279/info The e107 content management system is prone to an HTML injection vulnerability. This issue is exposed through the class2.php script. An attacker may exploit this issue by including hostile HTML and script code in certain fields within the form...
Drupal 4.14.2 - Cross-Site Scripting
Drupal 4.14.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/8235/info The Drupal content management system is prone to a cross-site scripting vulnerability. This issue is exposed through the main page and through other sub-pages. An attacker may exploit this issue by including...
Drupal 4.1/4.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/8235/info The Drupal content management system is prone to a cross-site scripting vulnerability. This issue is exposed through the main page and through other sub-pages. An attacker may exploit this issue by including hostile HTML and script code in a...
[Opera 7] Five DoS codes on general web sites
--------------------------------------------------------------------------------- TITLE :Opera 7 Five DoS codes on general web sites -= Fastest browser on earth, Fastest crash on earth too =- PRODUCT : Opera for Windows VERSIONS : 7.11b build 2887 7.11 build 2880 7.10 build 2840 7.03 build 2670...
Symantec Security Check RuFSI - ActiveX Control Buffer Overflow
Symantec Security Check RuFSI - ActiveX Control Buffer Overflow source: https://www.securityfocus.com/bid/8008/info It has been reported that the RuFSI Utility Class is vulnerable to a boundary condition error when invoked with long strings. This could potentially lead to the execution of code wi...
Buffer overflow
Product: Opera Version: 7.10 and other ? OffSite: http://www.opera.com/ Problem: Buffer overflow ------------------------------------------ Opera - popular web-browser. Local and remote buffer overflow will take place if client open in browser this page: DIV...
CVE-2003-0160
CVE-2003-0160 affects SquirrelMail before 1.2.11. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary HTML and steal information from a client’s web browser. The provided documents do not specify the root cause details or a r...
Opera 6.0/7.0 - 'Filename Download' Buffer Overrun
source: https://www.securityfocus.com/bid/7056/info A buffer overrun vulnerability has been discovered in the Opera web browser. The issue affects Opera versions 6 and 7 on the Microsoft Windows platform. Due to insufficient bounds checking when copying file names to a temporary buffer it may be...
DSA-210 lynx - CRLF injection
Bulletin has no description...
Buffer overflow in Opera/Konqueror
Buffer overflow on large image scaleling...