Page 2 of 7 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1

Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter. • https://www.exploit-db.com/exploits/24001 http://marc.info/?l=bugtraq&m=108241507812681&w=2 http://secunia.com/advisories/11388 http://www.securiteam.com/windowsntfocus/5EP0I15CKK.html http://www.securityfocus.com/bid/10139 https://exchange.xforce.ibmcloud.com/vulnerabilities/15858 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. • http://www.kb.cert.org/vuls/id/320944 https://exchange.xforce.ibmcloud.com/vulnerabilities/7119 •