Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Maxthon Subscribe
Filtered by product Maxthon
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-1090 1 Maxthon 1 Maxthon 2017-07-10 6.4 MEDIUM N/A
Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files.
CVE-2005-0905 1 Maxthon 1 Maxthon 2016-10-17 2.6 LOW N/A
Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.
CVE-2006-6985 1 Maxthon 1 Maxthon 2011-03-07 5.0 MEDIUM N/A
Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280.
CVE-2005-1091 1 Maxthon 1 Maxthon 2008-09-05 7.5 HIGH N/A
Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page.