Lucene search
K

4543 matches found

NVD
NVD
added 2004/02/03 5:0 a.m.21 views

CVE-2003-0817

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object...

7.5CVSS6.8AI score0.17957EPSS
Exploits0References10
NVD
NVD
added 2004/02/03 5:0 a.m.28 views

CVE-2003-0814

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand"Refresh" to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability...

7.5CVSS6.9AI score0.2768EPSS
Exploits0References14
NVD
NVD
added 2004/02/03 5:0 a.m.20 views

CVE-2003-0816

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by 1 using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, 2 using the window.open method to load a file: URL containing Javascript, as demonstrated using...

7.5CVSS6.5AI score0.48374EPSS
Exploits0References30
NVD
NVD
added 2004/02/03 5:0 a.m.22 views

CVE-2003-0815

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by 1 modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or 2 modifying the createRange method and using the...

7.5CVSS6.8AI score0.18735EPSS
Exploits0References22
Exploit DB
Exploit DB
added 2004/02/03 12:0 a.m.31 views

Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy (MS04-004)

source: https://www.securityfocus.com/bid/9568/info A vulnerability has been reported in Microsoft Internet Explorer. Because of this, an attacker may be able to violate cross-zone policy. It has been reported that the issue presents itself due to a failure by Internet Explorer to remove JavaScri...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2004/02/03 12:0 a.m.27 views

ZH2004-03SA.txt

ZH2004-03SA security advisory: Photopost PHP Pro 4.6 Sql Injection Vulnerability Published: 02 february 2004 Released: 02 february 2004 Name: Photopost PHP Pro Affected Systems: 4.6 and prior versions Issue: Sql Injection Vulnerability Author: G00db0y from Zone-h Security Labs - [email protected]...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/03 12:0 a.m.15 views

Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy (MS04-004)

Microsoft Internet Explorer 5 - NavigateAndFind Cross-Zone Policy MS04-004 source: https://www.securityfocus.com/bid/9568/info A vulnerability has been reported in Microsoft Internet Explorer. Because of this, an attacker may be able to violate cross-zone policy. It has been reported that the iss...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/01/30 12:0 a.m.26 views

ZH2004-01SA (security advisory): Web Blog 1.1 Remote arbitrary files retrieving

ZH2004-01SA security advisory: Web Blog 1.1 Remote arbitrary files retrieving Published: 28 january 2004 Released: 28 january 2004 Name: Web Blog Affected Systems: 1.1 Issue: Remote file retrieving Author: Zone-h Security Labs Vendor: http://leifwright.com Description Zone-h Security Team has...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2004/01/30 12:0 a.m.34 views

ZH2004-02SA (security advisory): PJ CGI Neo review (NeoBoard review) Remote arbitrary file retrieving

ZH2004-02SA security advisory: PJ CGI Neo review NeoBoard review Remote arbitrary file retrieving Published: 29 january 2004 Released: 29 january 2004 Name: PJ CGI Neo review NeoBoard review Affected Systems: Current version Issue: Remote file retrieving Author: Zone-h Security Labs Vendor:...

1.1AI score
Exploits0
Packet Storm
Packet Storm
added 2004/01/29 12:0 a.m.28 views

ZH2004-02SA.txt

ZH2004-02SA security advisory: PJ CGI Neo review NeoBoard review Remote arbitrary file retrieving Published: 29 january 2004 Released: 29 january 2004 Name: PJ CGI Neo review NeoBoard review Affected Systems: Current version Issue: Remote file retrieving Author: Zone-h Security Labs Vendor:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2004/01/28 12:0 a.m.19 views

ZH2004-01SA.txt

ZH2004-01SA security advisory: Web Blog 1.1 Remote arbitrary files retrieving Published: 28 january 2004 Released: 28 january 2004 Name: Web Blog Affected Systems: 1.1 Issue: Remote file retrieving Author: Zone-h Security Labs Vendor: http://leifwright.com Description Zone-h Security Team has...

7.4AI score
Exploits0
NVD
NVD
added 2004/01/20 5:0 a.m.38 views

CVE-2003-1026

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back back function is called, as demonstrated by BackToFramedJpu, aka th...

9.3CVSS6.5AI score0.39211EPSS
Exploits1References14
CVE
CVE
added 2004/01/14 5:0 a.m.65 views

CVE-2003-0814

CVE-2003-0814 affects Internet Explorer 6 SP1 and earlier. The flaw, known as ExecCommand Cross Domain, allows a malicious page to bypass cross-domain zone restrictions and execute Javascript or potentially run code in the user’s context by abusing the window.execCommand('Refresh') flow. Connecte...

7.5CVSS7.8AI score0.2768EPSS
Exploits0References14Affected Software2
Cvelist
Cvelist
added 2004/01/14 5:0 a.m.30 views

CVE-2003-0815

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by 1 modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or 2 modifying the createRange method and using the...

7.7AI score0.18735EPSS
Exploits0References22
Cvelist
Cvelist
added 2004/01/14 5:0 a.m.27 views

CVE-2003-0814

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand"Refresh" to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability...

7.8AI score0.2768EPSS
Exploits0References14
CVE
CVE
added 2004/01/14 5:0 a.m.64 views

CVE-2003-0815

CVE-2003-0815 concerns cross-domain vulnerabilities in Internet Explorer 6 SP1 and earlier. The connected OpenVAS and NVD entries describe three CAN-2003-0814/0815/0816 variants (ExecCommand, Function Pointer Override, Script URL) that could bypass the browser’s cross-domain security model, enabl...

7.5CVSS7.7AI score0.18735EPSS
Exploits0References22Affected Software2
CVE
CVE
added 2004/01/14 5:0 a.m.79 views

CVE-2003-0816

CVE-2003-0816 applies to Internet Explorer 6 SP1 and earlier and is the Script URLs Cross Domain vulnerability (CAN-2003-0816). It allows a remote attacker to bypass IE’s cross-domain security by abusing scripted navigation and framing techniques (NavigateAndFind with file:JavaScript URLs, window...

7.5CVSS7.6AI score0.48374EPSS
Exploits0References30Affected Software2
Cvelist
Cvelist
added 2004/01/14 5:0 a.m.26 views

CVE-2003-0817

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object...

7.7AI score0.17957EPSS
Exploits0References10
Cvelist
Cvelist
added 2004/01/14 5:0 a.m.30 views

CVE-2003-0816

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by 1 using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, 2 using the window.open method to load a file: URL containing Javascript, as demonstrated using...

7.5AI score0.48374EPSS
Exploits0References30
Cvelist
Cvelist
added 2004/01/08 5:0 a.m.44 views

CVE-2003-1026

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back back function is called, as demonstrated by BackToFramedJpu, aka th...

7.5AI score0.39211EPSS
Exploits1References14
Rows per page
Query Builder