15 matches found
EUVD-2007-3470
Malware in sbrugna...
EUVD-2012-2920
Malware in sbrugna...
Новая XSS уязвимость в Yandex.Server
Здравствуйте 3APA3A! Сообщаю вам о новой Cross-Site Scripting уязвимости в Yandex.Server Яндекс.Сервер. Ранее я уже сообщал о других XSS в Yandex.Server CVE-2007-3485 и в 2007 году о них сообщал Яндексу. Который должен был исправить уязвимости и не допускать новых. Но Яндекс с этим не справился и...
CVE-2012-2941
Cross-site scripting XSS vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter...
CVE-2012-2941
Cross-site scripting XSS vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter...
CVE-2012-2941
CVE-2012-2941 affects Yandex.Server 2010 9.0 Enterprise. A Cross-Site Scripting (XSS) vulnerability exists in the search/ functionality, allowing remote attackers to inject arbitrary web script or HTML via the text parameter. The issue arises in the search component; exploitation details, affecte...
Yandex.Server 2010 9.0 Enterprise Cross Site Scripting
Hello list! I want to warn you about new Cross-Site Scripting vulnerability in Yandex.Server. Earlier I've informed about other XSS in Yandex.Server CVE-2007-3485 - mentioned about them in my Month of Search Engines Bugs project. And in 2007 I've informed Yandex about them. Which should fix these...
Yandex.Server 2010 9.0 - text Cross-Site Scripting
Yandex.Server 2010 9.0 - text Cross-Site Scripting source: https://www.securityfocus.com/bid/53622/info Yandex.Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code...
Yandex.Server 2010 9.0 - 'text' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53622/info Yandex.Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
MOSEB-07 Bonus: Vulnerabilities in Yandex.Server
New bonus vulnerabilities in Yandex. In this case vulnerabilities not directly at Yandex’s site, like at MOSEB-07: Vulnerability at blogs.yandex.ru, but in local search engine made by Yandex. The holes are in Yandex.Server Яndex.Server, local search engine from Yandex, which used by a lot of site...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the 1 query or 2 within parameter to the default URI...
CVE-2007-3485
Multiple cross-site scripting XSS vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the 1 query or 2 within parameter to the default URI...
CVE-2007-3485
Multiple cross-site scripting XSS vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the 1 query or 2 within parameter to the default URI...
CVE-2007-3485
CVE-2007-3485 involves multiple XSS vulnerabilities in Yandex.Server. Public records in the provided documents show that remote attackers could inject arbitrary web script or HTML via the (1) query parameter or (2) within parameter to the default URI. The NVD entry lists a MEDIUM-severity vector ...