Page 38 of 324 results (0.011 seconds)

CVSS: 6.4EPSS: 55%CPEs: 9EXPL: 1

Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue. • http://online.securityfocus.com/archive/1/283866 http://online.securityfocus.com/archive/1/284068 http://www.iss.net/security_center/static/9653.php http://www.securityfocus.com/bid/5290 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 26%CPEs: 2EXPL: 2

Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight. • https://www.exploit-db.com/exploits/21556 http://online.securityfocus.com/archive/1/277133 http://online.securityfocus.com/archive/1/277140/2002-12-07/2002-12-13/2 http://www.securityfocus.com/bid/5027 https://exchange.xforce.ibmcloud.com/vulnerabilities/9367 •

CVSS: 4.3EPSS: 94%CPEs: 4EXPL: 4

Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL. • https://www.exploit-db.com/exploits/21515 http://archives.neohapsis.com/archives/bugtraq/2002-06/0037.html http://www.geocities.co.jp/SiliconValley/1667/advisory02e.html http://www.iss.net/security_center/static/9290.php http://www.securityfocus.com/bid/4954 •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 1

Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. • http://online.securityfocus.com/archive/1/250387/2002-10-11/2002-10-17/2 http://www.securityfocus.com/archive/1/250248 http://www.securityfocus.com/bid/3862 https://exchange.xforce.ibmcloud.com/vulnerabilities/7906 •

CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 4

Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results. • https://www.exploit-db.com/exploits/21198 https://www.exploit-db.com/exploits/21199 http://archives.neohapsis.com/archives/bugtraq/2002-01/0019.html http://www.iss.net/security_center/static/7784.php http://www.securityfocus.com/bid/3779 •