978 matches found
MS08-041: Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617)
The remote host contains a version of the ActiveX control for the Snapshot Viewer for Microsoft Access which is vulnerable to a security flaw that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit it. C Tenable...
SchoolCenter URL Handling Cross Site Scripting Vulnerability
SchoolCenter URL Handling Cross Site Scripting Vulnerability A vulnerability has been identified in SchoolCenter Software, which could be exploited to conduct cross site scripting attacks. Attackers can run arbitrary code that can be executed by the user's browser in the security context of an...
schoolcenter-xss.txt
SchoolCenter URL Handling Cross Site Scripting Vulnerability A vulnerability has been identified in SchoolCenter Software, which could be exploited to conduct cross site scripting attacks. Attackers can run arbitrary code that can be executed by the user's browser in the security context of an...
Microsoft Windows Web Client service buffer overflow
Buffer overflow on WebDAV server response parsing...
Microsoft Windows WebDAV Mini-Redirector Heap Overflow Vulnerability
Description Microsoft Windows is prone to a heap-overflow vulnerability in the WebDAV Mini-Redirector component also known as the Web Client service. This vulnerability may be triggered by a malicious WebDAV response. A successful exploit could let a remote attacker execute arbitrary code with...
megabbs-xss.txt
HSC MegaBBS ASP Forum Cross-Site Scripting MegaBBS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
MegaBBS ASP Forum Cross-Site Scripting
HSC MegaBBS ASP Forum Cross-Site Scripting MegaBBS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities
HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...
LiveCart Multiple Cross-Site Scripting Vulnerabilities
HSC LiveCart Multiple Cross-Site Scripting Vulnerabilities LiveCart is a new PHP/MySQL powered shopping cart software developed by Integry Systems. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site...
livecart-xss.txt
HSC LiveCart Multiple Cross-Site Scripting Vulnerabilities LiveCart is a new PHP/MySQL powered shopping cart software developed by Integry Systems. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site...
IPortalX Forums Cross-Site Scripting Vulnerability
HSC IPortalX Forums Cross-Site Scripting Vulnerability IPortalX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
dokeos-xss.txt
HSC Dokeos Multiple Cross-Site Scripting Vulnerabilities Dokeos is a learning management systemused to manage e-learning. It's prone to cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the conte...
wconnect-xss.txt
HSC WCONNECT WC.DLL Cross-Site Scripting Vulnerability West Wind Web Connection is a tool for building Web applications using the Visual FoxPro environment but is also Vulnerable to Cross-Site scripting attacks. Admins need to password protect the application since its installed with out password...
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...
gwextranet-multi.txt
HSC GWExtranet Script Injections & Privilege Escalation Vulnerability Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...
mps-insertion.txt
HSCMySpace Scripts - Poll Creator JavaScript Injection Vulnerability Our MySpace Poll Creator script is the ultimate addition to your MySpace resource site. The script enables your user to quickly and easily create a poll that they can post to profile or bulletin to all their friends. Everyone...
GWExtranet Script Injections & Privilege Escalation Vulnerability
HSC GWExtranet Script Injections & Privilege Escalation Vulnerability Attackers may exploit this issue via a web client. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...
CVE-2007-5808
Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal 07-30 through 07-30-/F and 07-32 through 07-32-/C, uCosminexus Collaboration Portal 06-30 through 06-30-/F and 06-32 through 06-32-/C, and Groupmax Collaboration Web Client -...
smartshop-xss.txt
HSC Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability SMART-SHOP shopping cart software is a all-in-one hosted e-commerce solution that creates and helps you maintain your online store fast, easy, and cost-effective. Many people using this software must be warned that there are holes in...