Show filters
79 Total Results
Displaying 71-79 of 79
Sort by:
Attacker Value
Unknown

CVE-2008-4919

Disclosure Date: November 04, 2008 (last updated October 04, 2023)
Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X ActiveX control (VSPDFViewerX.ocx) 3.0.990.0 allows remote attackers to overwrite arbitrary files via a full pathname to the savePageAsBitmap method.
0
0
Attacker Value
Unknown

CVE-2008-1871

Disclosure Date: April 17, 2008 (last updated October 04, 2023)
SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action.
0
0
Attacker Value
Unknown

CVE-2007-0896

Disclosure Date: February 13, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712.
0
0
Attacker Value
Unknown

CVE-2006-6919

Disclosure Date: January 11, 2007 (last updated October 04, 2023)
Firefox Sage extension 1.3.8 and earlier allows remote attackers to execute arbitrary Javascript in the local context via an RSS feed with an img tag containing the script followed by an extra trailing ">", which Sage modifies to close the img element before the malicious script.
0
0
Attacker Value
Unknown

CVE-2006-6151

Disclosure Date: November 28, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in centre.php in Messagerie Locale as of 20061127 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
0
0
Attacker Value
Unknown

CVE-2006-4712

Disclosure Date: September 12, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read arbitrary local files, aka "Cross Context Scripting."
0
0
Attacker Value
Unknown

CVE-2006-4711

Disclosure Date: September 12, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite.
0
0
Attacker Value
Unknown

CVE-2001-1070

Disclosure Date: August 31, 2001 (last updated February 22, 2025)
Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 10000 and entering a series of control characters.
0
0
Attacker Value
Unknown

CVE-1999-0925

Disclosure Date: September 03, 1999 (last updated February 22, 2025)
UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.
0
0
View More Topics  < Previous