173 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Calendar module in Olat 7.8.0.1 b20130821 N1 allow remote attackers to inject arbitrary web script or HTML via the 1 event name or 2 date field...
Cross site scripting
Cross-site scripting XSS vulnerability in the Calendar module in Olat 7.8.0.1 b20130821 N1 allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2013-6794
Cross-site scripting XSS vulnerability in the Calendar module in Olat 7.8.0.1 b20130821 N1 allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2013-6793
CVE-2013-6793 refers to multiple cross-site scripting (XSS) vulnerabilities in the Calendar module of OLAT 7.8.0.1 (b20130821 N1). The flaws allow remote attackers to inject arbitrary script or HTML via the event name or date fields. Documented impact is XSS with partial integrity impact (per NVD...
CVE-2013-6793
Multiple cross-site scripting XSS vulnerabilities in the Calendar module in Olat 7.8.0.1 b20130821 N1 allow remote attackers to inject arbitrary web script or HTML via the 1 event name or 2 date field...
CVE-2013-6794
CVE-2013-6794 is an XSS vulnerability in the Calendar module of Olat 7.8.0.1 (b20130821 N1). The flaw allows remote attackers to inject arbitrary web script or HTML via the Location field. Documents consistently describe the affected product/version and the vulnerability class, but do not provide...
FreeBSD : PHP5 -- Integer overflow in Calendar module (5def3175-f3f9-4476-ba40-b46627cc638c)
The PHP development team reports : Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...
PHP5 -- Integer overflow in Calendar module
The PHP development team reports: Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities
Souhail Hammou - Independant Security Researcher & Penetration Tester . Facebook : www.facebook.com/dark.puzzle.sec E-mail : [email protected] Greetings to all moroccan researchers and white hats . ------------------------------------------------------------------------------ Exploit Title:...
Joomla ICAgenda SQL Injection / Path Disclosure
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
Joomla Component com_icagenda Blind SQLi/Path Disclosure
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...
CVE-2011-4670
Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...
CVE-2011-4559
SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php...
Sql injection
SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php...
CVE-2011-4559
SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php...
CVE-2011-4559
CVE-2011-4559 affects vtiger CRM (Calendar module) prior to or including vTiger 5.2.1; the vulnerability is a SQL injection in the onlyforuser parameter of the index action (index.php). This allows remote attackers to execute arbitrary SQL commands. Connected records also indicate CVE-2013-5091 a...
Debian Security Advisory DSA 2266-1 (php5)
The remote host is missing an update to php5 announced via advisory DSA 2266-1. OpenVAS Vulnerability Test $Id: deb22661.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2266-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
Debian DSA-2266-1 : php5 - several vulnerabilities
Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. - CVE-2010-2531 An information leak was found in the varexport function. - CVE-2011-0421 The Zip module could crash. - CVE-2011-0708 An integer overflow was...
[SECURITY] [DSA 2266-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2266-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29, 2011 http://www.debian.org/security/faq -...