[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26099 Download | Alert*

A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the user every time a user visits the compromised page. The attacker who successfully exploited the vuln ...

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scrip ...

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on af ...

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scriptin ...

The host is installed with Apache CouchDB before 1.0.4, 1.1.x before 1.1.2 or 1.2.x before 1.2.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle differences issue in Erlang-based JSON parser and JavaScript-based JSON parser. Successful exploitation could allow attackers to bypass certain restrictions and gain elevated privilege ...

The host is installed with Apache CouchDB before 1.0.4, 1.1.x before 1.1.2 or 1.2.x before 1.2.1 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a issue in Futon UI. Successful exploitation could allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.

The host is installed with Bamboo CI server before 6.2.3 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the plan configure branches resource. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript via a cross site scripting vulnerability through the name of a branch.

The host is installed with Zoho ManageEngine ADSelfService Plus before build 6104 and is prone to a stored XSS vulnerability. A flaw is present in the application, which does not properly handle the e-mail address field. Successful exploitation allows stored XSS on the /webclient/index.html#/directory-search user search page.

The host is installed with IBM DB2 11.1 before 11.1.4FP6 or 11.5 before 11.5.5FP1 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle a specifically crafted select statement. Successful exploitation allows an attacker to terminate the server abnormally.

The host is installed with PHP 5.4.3 or earlier and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted arguments that trigger incorrect handling of COM object VARIANT types. Successful exploitation allows remote attackers to execute arbitrary code.


Pages:      Start    2585    2586    2587    2588    2589    2590    2591    2592    2593    2594    2595    2596    2597    2598    ..   2609

© SecPod Technologies