CVSS: 4.3EPSS: 0%CPEs: 114EXPL: 0CVE-2008-5682
https://notcve.org/view.php?id=CVE-2008-5682
Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates. Una vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en Opera en versiones anteriores a 9.63 permite a atacantes remotos inyectar HTML o secuencias de comandos web arbitrarios a través de plantillas XSLT pre-instaladas. • http://osvdb.org/50951 http://secunia.com/advisories/34294 http://security.gentoo.org/glsa/glsa-200903-30.xml http://www.opera.com/docs/changelogs/linux/963 http://www.opera.com/support/kb/view/924 http://www.securitytracker.com/id?1021462 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 114EXPL: 0CVE-2008-5683
https://notcve.org/view.php?id=CVE-2008-5683
Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors. Una vulnerabilidad sin especificar en Opera 9.63 permite antes de atacantes remotos "revelar datos aleatorios" a través de vectores desconocidos. • http://secunia.com/advisories/34294 http://security.gentoo.org/glsa/glsa-200903-30.xml http://securitytracker.com/id?1021459 http://www.opera.com/docs/changelogs/linux/963 http://www.opera.com/support/kb/view/924 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 10%CPEs: 73EXPL: 1CVE-2008-4794
https://notcve.org/view.php?id=CVE-2008-4794
Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696. Opera antes de v9.62 permite a atacantes remotos ejecutar comandos de su elección mediante la página de resultados Search History, una vulnerabilidad distinta a CVE-2008-4696. • http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html http://secunia.com/advisories/32538 http://security.gentoo.org/glsa/glsa-200811-01.xml http://www.opera.com/support/search/view/906 http://www.securityfocus.com/bid/31991 http://www.securitytracker.com/id?1021128 https://exchange.xforce.ibmcloud.com/vulnerabilities/46219 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 19%CPEs: 73EXPL: 2CVE-2008-4795 – Opera Web Browser 9.x - History Search and Links Panel Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-4795
The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks. El panel de enlaces en Opera antes de v9.62 procesa el JavaScript dentro del contexto de la "última página" de un marco, lo que permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante ataques de secuencias de comandos en sitios cruzados (XSS) • https://www.exploit-db.com/exploits/32548 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html http://secunia.com/advisories/32538 http://security.gentoo.org/glsa/glsa-200811-01.xml http://www.opera.com/support/search/view/907 http://www.securityfocus.com/bid/31991 http://www.securitytracker.com/id?1021127 https://exchange.xforce.ibmcloud.com/vulnerabilities/46220 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 11%CPEs: 79EXPL: 0CVE-2008-4695
https://notcve.org/view.php?id=CVE-2008-4695
Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context. Opera versiones anteriores a v9.60 permite a atacantes remotos obtener información sensible y tener otros impactos desconocidos prediciendo la ruta de la caché de un applet de Java cacheado y entonces lanzar este applet desde la caché, llevando a cabo la ejecución del applet dentro del contexto de la máquina local. • http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00009.html http://secunia.com/advisories/32177 http://secunia.com/advisories/32394 http://secunia.com/advisories/32538 http://security.gentoo.org/glsa/glsa-200811-01.xml http://securitytracker.com/id?1021017 http://www.openwall.com/lists/oss-security/2008/10/21/5 http://www.openwall.com/lists/oss-security/2008/10/22/5 http://www.opera.com/docs/changelogs/freebsd/960 http://www.opera.com/docs/changelogs& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •