Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray, or (2) seTokensValuesArray parameter to the AddTokens method; (3) seLastNameTokensArray parameter to the AddLastNameTokens method; (4) seFrameIdArray, (5) seSourceIdArray, (6) seHasBreakdownArray, (7) seIsIndexedArray, (8) seAllConcatArray, (9) seRefererURLArray, or (10) seMandatoryFieldsArray parameter to the AddMultipleSearches method; (11) seSourceIdArray, (12) seIsIndexedArray, (13) seAllConcatArray, (14) seRefererURLArray, (15) seQATestsArray, (16) seAllSourceIDsArray, (17) seAllSourceTitlesArray, (18) seMandatoryFieldsArray, or (19) seAllSourceRootURLArray parameter to the TestYourself method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MyHeritage SEQueryObject ActiveX控件跨站脚本漏洞
Vulnerability Description
MyHeritage是以色列MyHeritage公司的一套族谱和照片分享应用。该应用支持浏览家谱,编辑家谱成员个人信息和上传家谱成员照片等,并包含了一个面部识别系统,可识别照片和名人的相似程度。 MyHeritage SEQueryObject ActiveX控件(SearchEngineQuery.dll) 1.0.2.0版本中存在数组索引错误漏洞,该漏洞源于AddTokens方法没有充分过滤‘seTokensArray’和‘seTokensValuesArray’参数;AddLastNameToken
CVSS Information
N/A
Vulnerability Type
N/A