Show filters
140 Total Results
Displaying 51-60 of 140
Sort by:
Attacker Value
Unknown

CVE-2016-9424

Disclosure Date: December 12, 2016 (last updated December 30, 2023)
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2016-9425

Disclosure Date: December 12, 2016 (last updated December 30, 2023)
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2016-9428

Disclosure Date: December 12, 2016 (last updated December 30, 2023)
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2016-9626

Disclosure Date: December 12, 2016 (last updated December 30, 2023)
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2016-9437

Disclosure Date: December 12, 2016 (last updated December 30, 2023)
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) and possibly memory corruption via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2016-9433

Disclosure Date: December 12, 2016 (last updated December 30, 2023)
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m allows remote attackers to cause a denial of service (out-of-bounds array access) via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2014-9349

Disclosure Date: December 08, 2014 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in admin/robots.lib.php in RobotStats 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) nom or (2) user_agent parameter to admin/robots.php.
0
0
Attacker Value
Unknown

CVE-2014-9348

Disclosure Date: December 08, 2014 (last updated October 05, 2023)
SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote attackers to execute arbitrary SQL commands via the robot parameter to admin/robots.php.
0
0
Attacker Value
Unknown

CVE-2014-5456

Disclosure Date: August 25, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Social Stats module before 7.x-1.5 for Drupal allows remote authenticated users with the "[Content Type]: Create new content" permission to inject arbitrary web script or HTML via vectors related to the configuration.
0
0
Attacker Value
Unknown

CVE-2013-3721

Disclosure Date: May 31, 2013 (last updated October 05, 2023)
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
0
0
View More Topics  < Previous  Next >