43 matches found
CVE-2012-3836
Multiple cross-site scripting XSS vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 groupname parameter in a savecategory in the users module; 2 virtualfilename, 3 branch, 4 contactperson, 5 street, 6 city, 7 province, 8 postal, 9...
CVE-2005-3822
Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 username in the login form or 2 record parameter, as demonstrated in the EditView action for the Contacts module...
CVE-2005-3822
Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 username in the login form or 2 record parameter, as demonstrated in the EditView action for the Contacts module...