strip html tags software vulnerabilities
vulnerabilities.aspcode.net
Searching strip html tags software vulnerabilities
Aladdin eSafe Gateway versions 2.x allows a rem
arrangement
|
circumvent
|
filtering
|
includes
|
attacker
|
versions
|
embedded
|
special
|
Aladdin
|
Gateway
|
within
|
allows
|
SCRIPT
|
remote
|
other
|
eSafe
|
which
|
HTML
|
tags
|
via
|
Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags.
Aladdin eSafe Gateway versions 3.0 and earlier
circumvent
|
filtering
|
attacker
|
document
|
encoding
|
versions
|
Aladdin
|
Gateway
|
UNICODE
|
earlier
|
within
|
remote
|
allows
|
SCRIPT
|
eSafe
|
tags
|
HTML
|
via
|
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.
An incomplete fix for a cross-site scripting (X
cross-site
|
incomplete
|
scripting
|
fix
|
An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.
Cross-site scripting (XSS) vulnerability in Bod
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags.
Cross-site scripting (XSS) vulnerability in kmM
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in kmMail 1.0 through 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) an e-mail message subject or (2) Javascript in "safe" tags.
Unknown vulnerability in Internet Explorer 5.01
vulnerability
|
Explorer
|
Internet
|
Unknown
|
Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered.
Cross-site scripting vulnerability (XSS) in Ope
vulnerability
|
Cross-site
|
scripting
|
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
The strip_tags function in PHP 4.x up to 4.3.7,
strip_tags
|
function
|
PHP
|
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
Cross-site scripting (XSS) vulnerability in Web
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP 5.0 RC3 allow remote attackers to inject arbitrary web script or HTML via (1) the check_tags function or (2) the editbio field in the user profile.
Cross-site scripting (XSS) vulnerability in ACS
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in (1) img, (2) link, or (3) mail tags.
The gaim_markup_strip_html function in Gaim 1.2
gaim_markup_strip_html
|
function
|
Gaim
|
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
Cross-site scripting (XSS) vulnerability in aja
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags.
Cross-site scripting (XSS) vulnerability in php
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote attackers to inject arbitrary web script or HTML via nested [url] tags.
Cross-site scripting (XSS) vulnerability in e10
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags.
Cross-site scripting (XSS) vulnerability in php
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary Javascript via a permitted HTML tag with " (quote) characters and active attributes such as onmouseover.
Heap-based buffer overflow in the alpha strip c
capability
|
Heap-based
|
overflow
|
buffer
|
libpng
|
alpha
|
strip
|
Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.
Adobe ColdFusion MX 7.x before 7.0.2 does not p
ColdFusion
|
before
|
Adobe
|
Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as demonstrated using "%00script" in a tag.
ext/filter in PHP 5.2.0, when FILTER_SANITIZE_S
ext/filter
|
PHP
|
ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b.
Cross-site scripting (XSS) vulnerability in Saf
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to inject arbitrary web script or HTML via frame tags.
Software vulnerabilities results 1 to 20 of 3296
Page:
1
2
3
4
5
...
165
►