Searching tags software vulnerabilities

Vulnerability in htmlparse.pike in Roxen Web Se

htmlparsepike | Vulnerability | Server | Roxen | Web |

Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML.


Aladdin eSafe Gateway versions 3.0 and earlier

circumvent | filtering | attacker | document | encoding | versions | Aladdin | Gateway | UNICODE | earlier | within | remote | allows | SCRIPT | eSafe | tags | HTML | via |

Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.


Outlook Express 6.00 allows remote attackers to

Express | Outlook |

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script.


Cross-site scripting (CSS) vulnerability in gnu

Cross-site | scripting |

Cross-site scripting (CSS) vulnerability in gnut Gnutella client before 0.4.27 allows remote attackers to execute arbitrary script on other clients by sharing a file whose name contains the script tags.


Zope before 2.2.4 allows partially trusted user

before | Zope |

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.


phpBB 1.4.4 and earlier with BBcode allows remo

phpBB |

phpBB 1.4.4 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.


PostBoard 2.0.1 and earlier with BBcode allows

PostBoard |

PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.


An incomplete fix for a cross-site scripting (X

cross-site | incomplete | scripting | fix |

An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.


Cross-site scripting (XSS) vulnerability in Bod

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags.


The strip_tags function in PHP 4.x up to 4.3.7,

strip_tags | function | PHP |

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.


Apple Safari 1.0 through 1.2.3 allows remote at

through | Safari | Apple |

Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.


Unspecified vulnerability in ASN.1 Compiler (as

vulnerability | Unspecified | Compiler | ASN1 |

Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags.


Buffer overflow in the strip_html_tags method f

strip_html_tags | Enhanced | overflow | method | Buffer | Gyach |

Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags.


Cross-site scripting (XSS) vulnerability in sCs

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to execute arbitrary Javascript via [url] tags.


Buffer overflow in the Microsoft Color Manageme

Management | attackers | arbitrary | Microsoft | overflow | crafted | execute | profile | Windows | format | Buffer | allows | Module | remote | Color | image | tags | code | via | ICC |

Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.


Cross-site scripting (XSS) vulnerability in php

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in phpBB 2.0.16 allows remote attackers to inject arbitrary web script or HTML via nested [url] tags.


Unknown vulnerability in Lasso Professional Ser

vulnerability | Professional | Server804 | Unknown | Lasso |

Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags.


The cross-site scripting (XSS) countermeasures

cross-site | scripting |

The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags.


Adobe ColdFusion MX 7.x before 7.0.2 does not p

ColdFusion | before | Adobe |

Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as demonstrated using "%00script" in a tag.


Cross-site scripting (XSS) vulnerability in Saf

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to inject arbitrary web script or HTML via frame tags.


Software vulnerabilities results 1 to 20 of 132     
Page: 12345...7