25 matches found
CVE-2009-4812
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...
EUVD-2009-4777
Malware in sbrugna...
EUVD-2009-4775
Malware in sbrugna...
webMathematica 3 'MSP' Script Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37451/info webMathematica is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...
Wolfram Research webMathematica 4.0 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5035/info Wolfram Research's webMathematica is a Java based product which allows the inclusion of Mathematica content in a web environment. It includes CGI programs which generate image content based on user supplied inpu...
Information disclosure
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...
Cross site scripting
Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...
CVE-2009-4814
Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...
CVE-2009-4812
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...
CVE-2009-4812
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...
CVE-2009-4814
Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...
CVE-2009-4812
CVE-2009-4812 affects Wolfram Research WebMathematica. An unauthenticated remote attacker can cause the MSP script to disclose the installation path in an error message, resulting in information disclosure. No remediation details are provided in the supplied documents. Exploitation status is not ...
CVE-2009-4814
CVE-2009-4814 describes a cross-site scripting (XSS) vulnerability in Wolfram Research WebMathematica, allowing remote attackers to inject arbitrary web script or HTML via the URI to the MSP script. The documents identify the affected component as the WebMathematica MSP script handling URI input,...
webMathematica XSS Vulnerability
No description provided by source. In some installations, the MSP script of webMathematica is vulnerable to reflected XSS. Just insert a backslash after the script name MSP, which is normally located under the "webMathematica" folder: http://www.example.com/webMathematica/MSP\scriptalert'a'/scrip...
webMathematica 3 - MSP Script Cross-Site Scripting
webMathematica 3 - MSP Script Cross-Site Scripting source: https://www.securityfocus.com/bid/37451/info webMathematica is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...
webMathematica 3 - 'MSP' Script Cross-Site Scripting
source: https://www.securityfocus.com/bid/37451/info webMathematica is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
webMathematica Cross Site Scripting
Hi list I tried to follow the RainForest Puppy Policy, but Wolfram didn't respond to my email within 5 days. In some installations, the MSP script of webMathematica is vulnerable to reflected XSS. Just insert a backslash after the script name MSP, which is normally located under the...
CVE-2002-0926
Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. dot dot in the MSPStoreID parameter...
CVE-2002-0926
The CVE-2002-0926 issue affects Wolfram Research webMathematica 1.0.0 and 1.0.0.1. A directory-traversal vulnerability allows remote attackers to read arbitrary files by manipulating the MSPStoreID parameter. The CERT/CC entry corroborates that reading arbitrary files is possible via absolute pat...
EUVD-2002-0917
Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. dot dot in the MSPStoreID parameter...