|
263081
|
- |
|
opera
|
opera_browser
|
Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties.
|
CWE-94
Code Injection
|
CVE-2008-1081
|
2012-06-8 03:02 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263082
|
- |
|
opera
|
opera_browser
|
Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename into a file input.
|
CWE-20
Improper Input Validation
|
CVE-2008-1080
|
2012-06-8 02:58 |
2008-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263083
|
- |
|
opera
|
opera_browser
|
Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs.
|
NVD-CWE-Other
|
CVE-2008-5681
|
2012-06-8 02:24 |
2008-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263084
|
- |
|
opera
|
opera_browser
|
Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates.
|
CWE-79
Cross-site Scripting
|
CVE-2008-5682
|
2012-06-8 02:22 |
2008-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263085
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors.
|
NVD-CWE-noinfo
CWE-200
Information Exposure
|
CVE-2008-5683
|
2012-06-8 02:18 |
2008-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263086
|
- |
|
opera
|
opera_browser
|
Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a b…
|
CWE-287
Improper Authentication
|
CVE-2009-2070
|
2012-06-8 01:12 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263087
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."
|
NVD-CWE-noinfo
|
CVE-2009-0916
|
2012-06-7 13:00 |
2009-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263088
|
- |
|
bandainamcogames
|
madomagi-ip_android
|
The Puella Magi Madoka Magica iP application 1.05 and earlier for Android places cleartext Twitter credentials in a log file, which allows remote attackers to obtain sensitive information via a craft…
|
CWE-255
Credentials Management
|
CVE-2012-2630
|
2012-06-6 13:00 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263089
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arb…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5093
|
2012-06-6 01:34 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263090
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT 3.8.x before 3.8.12 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code and gain privileges via unspecified vectors, a different vulnerability than CVE-…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5092
|
2012-06-6 01:31 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
