CVE-2008-0869

Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.

Publication date: Thu, 21 Feb 2008 07:44:00 +0000

Cyber News related to CVE-2008-0869

CVE-2017-0869 - NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. This issue is rated as high. Version: N/A. Android ID: ...
6 years ago

CVE-2008-0869 - Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using ...
13 years ago

CVE-2020-0809 - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0807, CVE-2020-0869. ...
3 years ago

CVE-2020-0869 - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0807, CVE-2020-0809. ...
3 years ago

CVE-2020-0807 - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0809, CVE-2020-0869. ...
3 years ago

CVE-2020-0801 - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0807, CVE-2020-0809, CVE-2020-0869. ...
3 years ago

CVE-2007-0869 - Cross-site scripting (XSS) vulnerability in the Attachment Manager (admincp/attachment.php) in Jelsoft vBulletin 3.6.4 allows remote attackers to inject arbitrary web script or HTML via the Extension field. NOTE: this might be a duplicate of ...
15 years ago

CVE-2021-0869 - In GetTimeStampAndPkt of DumpstateDevice.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for ...
3 years ago

CVE-2009-0869 - Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0.0 through 5.5.1.4 on Windows allows remote attackers to cause a denial of service (application crash) or possibly ...
15 years ago

CVE-2010-0869 - Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Suite 5.5.05.07, 5.5.06.00, and 6.0.03 allows remote attackers to affect confidentiality via unknown vectors. ...
12 years ago

CVE-2013-0869 - The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted H.264 data, related to an SPS and slice mismatch and an out-of-bounds array access. ...
10 years ago

CVE-2015-0869 - I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests. ...
9 years ago

CVE-2016-0869 - Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document. ...
8 years ago

CVE-2004-0869 - Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized ...
7 years ago

CVE-2005-0869 - phpSysInfo 2.3 allows remote attackers to obtain sensitive information via a direct request to (1) class.OpenBSD.inc.php, (2) class.NetBSD.inc.php, (3) class.FreeBSD.inc.php, (4) class.Darwin.inc.php, (5) XPath.class.php, (6) system_header.php, or ...
7 years ago

CVE-2012-0869 - Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter. ...
7 years ago

CVE-2000-0869 - The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. ...
7 years ago

CVE-2011-0869 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related ...
6 years ago

CVE-2018-0869 - SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". ...
6 years ago

CVE-2001-0869 - Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. ...
6 years ago

CVE-2014-0869 - The decrypt function in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics does not require a key, which makes it easier for remote attackers to obtain cleartext passwords by sniffing the network ...
6 years ago

CVE-2006-0869 - Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository (PEAR) LiveUser 0.16.8 and earlier allows remote attackers to determine file existence, and possibly delete arbitrary ...
6 years ago

CVE-2019-0869 - A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'. ...
4 years ago

CVE-2002-0869 - Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka ...
3 years ago

CVE-1999-0869 - Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. ...
3 years ago

Latest Cyber News

CVE-2024-10146 - 11 hours ago
CVE-2024-9186 - 11 hours ago
CVE-2023-34049 - 12 hours ago
CVE-2024-5082 - 14 hours ago
CVE-2024-5083 - 15 hours ago
CVE-2024-40408 - 18 hours ago
CVE-2024-40410 - 18 hours ago
CVE-2024-40404 - 18 hours ago
CVE-2024-40405 - 18 hours ago
CVE-2024-40407 - 18 hours ago
CVE-2024-50955 - 19 hours ago
CVE-2024-50956 - 19 hours ago
CVE-2024-51027 - 19 hours ago
CVE-2024-45878 - 20 hours ago
CVE-2024-45879 - 20 hours ago
CVE-2024-52549 - 20 hours ago
CVE-2024-52550 - 20 hours ago
CVE-2024-52551 - 20 hours ago
CVE-2024-52552 - 20 hours ago
CVE-2024-52553 - 20 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10877 - 1 day ago
CVE-2024-9059 - 1 day ago
CVE-2024-9668 - 1 day ago
CVE-2024-9682 - 1 day ago
CVE-2024-11028 - 1 day ago
CVE-2024-8001 - 1 day ago
CVE-2024-11159 - 1 day ago
CVE-2024-48989 - 1 day ago
CVE-2024-11165 - 1 day ago
CVE-2024-48510 - 1 day ago
CVE-2024-48900 - 1 day ago
CVE-2024-49504 - 1 day ago
CVE-2024-49505 - 1 day ago
CVE-2024-49506 - 1 day ago
CVE-2024-50852 - 1 day ago
CVE-2024-50853 - 1 day ago
CVE-2024-50854 - 1 day ago
CVE-2024-9477 - 1 day ago
CVE-2024-10012 - 1 day ago
CVE-2024-10013 - 1 day ago