Lucene search
+L

7012 matches found

Cvelist
Cvelist
added 2011/01/28 8:29 p.m.39 views

CVE-2010-4710

Cross-site scripting XSS vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a...

5.5AI score0.0223EPSS
Exploits0References4
NVD
NVD
added 2011/01/28 4:0 p.m.24 views

CVE-2010-4569

Cross-site scripting XSS vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI...

4.3CVSS5.5AI score0.01724EPSS
Exploits0References9
Prion
Prion
added 2011/01/28 4:0 p.m.29 views

Cross site scripting

Cross-site scripting XSS vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI...

4.3CVSS5.9AI score0.01739EPSS
Exploits0References9Affected Software1
UbuntuCve
UbuntuCve
added 2011/01/28 4:0 p.m.27 views

CVE-2010-4570

Cross-site scripting XSS vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI...

4.3CVSS6AI score0.01739EPSS
Exploits0References1
CVE
CVE
added 2011/01/28 3:0 p.m.74 views

CVE-2010-4569

CVE-2010-4569 is an XSS vulnerability in Bugzilla affecting versions 3.7.1, 3.7.2, 3.7.3, and 4.0rc1. The issue arises in Bugzilla’s user account real name field, related to the YUI AutoComplete widget, allowing remote attackers to inject arbitrary script/HTML. The connected records confirm the B...

4.3CVSS5.5AI score0.01724EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2011/01/28 3:0 p.m.57 views

CVE-2010-4570

CVE-2010-4570 is an XSS vulnerability in Bugzilla’s duplicate-detection feature (Bugzilla 3.7.1/3.7.2/3.7.3/4.0rc1) where the summary field can be exploited via the DataTable widget in YUI to inject arbitrary script/HTML. Connected documents confirm the CVE is referenced among Bugzilla-related ad...

4.3CVSS5.6AI score0.01739EPSS
Exploits0References9Affected Software1
exploitpack
exploitpack
added 2011/01/25 12:0 a.m.11 views

WordPress Plugin FCChat Widget 2.1.7 - path Cross-Site Scripting

WordPress Plugin FCChat Widget 2.1.7 - path Cross-Site Scripting source: https://www.securityfocus.com/bid/46009/info The FCChat Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2011/01/25 12:0 a.m.32 views

WordPress FCChat Widget 2.1.7 Cross Site Scripting

------------------------------------------------------------------------ Software................WordPress FCChat Widget 2.1.7 Vulnerability...........Reflected Cross-site Scripting Download................http://www.fastcatsoftware.com/ Release Date............1/23/2011 Tested...

0.5AI score
Exploits0
Patchstack
Patchstack
added 2011/01/25 12:0 a.m.9 views

WordPress FCChat Widget Plugin 2.1.7 - Cross-Site Scripting Vulnerability

FCChat Widget plugin's "path" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...

3.1AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2011/01/25 12:0 a.m.18 views

WordPress Plugin FCChat Widget 2.1.7 - 'path' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46009/info The FCChat Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2010/12/28 12:0 a.m.36 views

Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18773

Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18773 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

9.3CVSS0.1AI score0.08669EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2010/12/28 12:0 a.m.28 views

Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18775

Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18775 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

9.3CVSS0.1AI score0.08669EPSS
Exploits1References2
Fedora
Fedora
added 2010/12/10 8:27 p.m.35 views

[SECURITY] Fedora 14 Update: perl-Gtk2-MozEmbed-0.08-6.fc14.22

This module allows you to use the Mozilla embedding widget from Perl...

9.3CVSS2.2AI score0.08669EPSS
Exploits1
OpenVAS
OpenVAS
added 2010/12/02 12:0 a.m.15 views

Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-15093

Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-15093 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Exploits0References2
OpenVAS
OpenVAS
added 2010/12/02 12:0 a.m.35 views

Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16897

Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16897 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

9.3CVSS0.2AI score0.83279EPSS
Exploits16References2
OpenVAS
OpenVAS
added 2010/11/16 12:0 a.m.29 views

Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16885

Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16885 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

9.3CVSS0.2AI score0.83279EPSS
Exploits16References2
Tenable Nessus
Tenable Nessus
added 2010/11/12 12:0 a.m.107 views

jRSS Widget Plugin for WordPress proxy.php 'url' Parameter Arbitrary File Access

The version of the jRSS Widget plugin for WordPress installed on the remote host does not sanitize input to the 'url' parameter of the 'proxy.php' script before using it to return the contents of a file. An unauthenticated, remote attacker can exploit this issue to disclose the contents of...

5.6AI score
Exploits0References1
Packet Storm
Packet Storm
added 2010/11/09 12:0 a.m.38 views

WordPress jRSS Widget 1.1.1 Local File Inclusion

------------------------------------------------------------------------ Software................WordPress jRSS Widget 1.1.1 Vulnerability...........Local File Inclusion Download................http://wordpress.org/extend/plugins/jrss-widget/ Release Date............11/5/2010 Tested...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2010/11/08 12:0 a.m.12 views

WordPress jRSS Widget Plugin 1.1.1 - Information Disclosure Vulnerability

This jRSS Widget plugin is prone to an information-disclosure vulnerability. Application fails to validate user-supplied data. Because of this issue, an attacker can view local files in the context of the affected application. In that way, the attacker obtains sensitive information. Other attacks...

3.1AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2010/11/08 12:0 a.m.43 views

WordPress Plugin jRSS Widget 1.1.1 - url Information Disclosure

WordPress Plugin jRSS Widget 1.1.1 - url Information Disclosure source: https://www.securityfocus.com/bid/44716/info The jRSS Widget Plugin for WordPress is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this...

7.2AI score
Exploits0
Rows per page
Query Builder