7012 matches found
CVE-2010-4710
Cross-site scripting XSS vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a...
CVE-2010-4569
Cross-site scripting XSS vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI...
Cross site scripting
Cross-site scripting XSS vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI...
CVE-2010-4570
Cross-site scripting XSS vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI...
CVE-2010-4569
CVE-2010-4569 is an XSS vulnerability in Bugzilla affecting versions 3.7.1, 3.7.2, 3.7.3, and 4.0rc1. The issue arises in Bugzilla’s user account real name field, related to the YUI AutoComplete widget, allowing remote attackers to inject arbitrary script/HTML. The connected records confirm the B...
CVE-2010-4570
CVE-2010-4570 is an XSS vulnerability in Bugzilla’s duplicate-detection feature (Bugzilla 3.7.1/3.7.2/3.7.3/4.0rc1) where the summary field can be exploited via the DataTable widget in YUI to inject arbitrary script/HTML. Connected documents confirm the CVE is referenced among Bugzilla-related ad...
WordPress Plugin FCChat Widget 2.1.7 - path Cross-Site Scripting
WordPress Plugin FCChat Widget 2.1.7 - path Cross-Site Scripting source: https://www.securityfocus.com/bid/46009/info The FCChat Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this...
WordPress FCChat Widget 2.1.7 Cross Site Scripting
------------------------------------------------------------------------ Software................WordPress FCChat Widget 2.1.7 Vulnerability...........Reflected Cross-site Scripting Download................http://www.fastcatsoftware.com/ Release Date............1/23/2011 Tested...
WordPress FCChat Widget Plugin 2.1.7 - Cross-Site Scripting Vulnerability
FCChat Widget plugin's "path" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...
WordPress Plugin FCChat Widget 2.1.7 - 'path' Cross-Site Scripting
source: https://www.securityfocus.com/bid/46009/info The FCChat Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18773
Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18773 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18775
Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18775 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
[SECURITY] Fedora 14 Update: perl-Gtk2-MozEmbed-0.08-6.fc14.22
This module allows you to use the Mozilla embedding widget from Perl...
Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-15093
Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-15093 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16897
Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16897 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16885
Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-16885 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
jRSS Widget Plugin for WordPress proxy.php 'url' Parameter Arbitrary File Access
The version of the jRSS Widget plugin for WordPress installed on the remote host does not sanitize input to the 'url' parameter of the 'proxy.php' script before using it to return the contents of a file. An unauthenticated, remote attacker can exploit this issue to disclose the contents of...
WordPress jRSS Widget 1.1.1 Local File Inclusion
------------------------------------------------------------------------ Software................WordPress jRSS Widget 1.1.1 Vulnerability...........Local File Inclusion Download................http://wordpress.org/extend/plugins/jrss-widget/ Release Date............11/5/2010 Tested...
WordPress jRSS Widget Plugin 1.1.1 - Information Disclosure Vulnerability
This jRSS Widget plugin is prone to an information-disclosure vulnerability. Application fails to validate user-supplied data. Because of this issue, an attacker can view local files in the context of the affected application. In that way, the attacker obtains sensitive information. Other attacks...
WordPress Plugin jRSS Widget 1.1.1 - url Information Disclosure
WordPress Plugin jRSS Widget 1.1.1 - url Information Disclosure source: https://www.securityfocus.com/bid/44716/info The jRSS Widget Plugin for WordPress is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this...