Jakob Balle

4 exploits Active since Oct 2004
CVE-2004-1381 EXPLOITDB html WORKING POC
Firefox < 1.0 and Mozilla < 1.7.5 - Input Focus Spoofing via Background Tab
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.
CVE-2005-2769 EXPLOITDB text WORKING POC
SqWebMail 5.0.4 - Cross-Site Scripting via Malformed HTML Email Tags
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which is not properly sanitized by SqWebMail.
CVE-2006-0663 EXPLOITDB text WORKING POC
IBM Lotus Domino iNotes Client 6.5.4 and 7.0 - Cross-Site Scripting via Email Subject, URI, or Attachment Filename
Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java&#13;script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename.
CVE-2006-0663 EXPLOITDB text WORKING POC
IBM Lotus Domino iNotes Client 6.5.4 and 7.0 - Cross-Site Scripting via Email Subject, URI, or Attachment Filename
Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java&#13;script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename.