Lucene search
K

60 matches found

Prion
Prion
added 2008/08/27 11:41 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in Crafty Syntax Live Help CSLH 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to 1 isxmlhttp.php and 2 isflush.php...

7.5CVSS9.3AI score0.01773EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2008/08/27 11:41 p.m.17 views

CVE-2008-3845

Multiple SQL injection vulnerabilities in Crafty Syntax Live Help CSLH 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to 1 isxmlhttp.php and 2 isflush.php...

7.5CVSS8.5AI score0.01773EPSS
Exploits1References9
Cvelist
Cvelist
added 2008/08/27 11:0 p.m.17 views

CVE-2008-3845

Multiple SQL injection vulnerabilities in Crafty Syntax Live Help CSLH 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to 1 isxmlhttp.php and 2 isflush.php...

8.5AI score0.01773EPSS
Exploits1References9
CVE
CVE
added 2008/08/27 11:0 p.m.38 views

CVE-2008-3845

Crafty Syntax Live Help (CSLH) prior to version 2.14.6 contains multiple SQL injection vulnerabilities in the server-side logic handling the department parameter for is_xmlhttp.php and is_flush.php. The underlying issue is unsafely constructed SQL queries that allow remote attackers to alter data...

7.5CVSS8.5AI score0.01773EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2008/08/27 8:41 p.m.13 views

CVE-2008-3840

Crafty Syntax Live Help CSLH 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

5CVSS6.2AI score0.01182EPSS
Exploits1References4
Cvelist
Cvelist
added 2008/08/27 8:0 p.m.21 views

CVE-2008-3840

Crafty Syntax Live Help CSLH 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

6.2AI score0.01182EPSS
Exploits1References4
CVE
CVE
added 2008/08/27 8:0 p.m.47 views

CVE-2008-3840

The CVE-2008-3840 entry concerns Crafty Syntax Live Help (CSLH) 2.14.6 and earlier, where passwords are stored in cleartext in a MySQL database. The root cause is insecure password storage in plaintext, enabling an attacker with context access to obtain sensitive information from the database. Th...

5CVSS6.3AI score0.01182EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2008/08/26 12:0 a.m.19 views

Crafty Syntax Live Help <= 2.14.6 (department) SQL Injection Vuln

No description provided by source. Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/08/26 12:0 a.m.27 views

crafty-sql.txt

GulfTech Security Research August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online support system written in php that allows the visitors of ...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/08/26 12:0 a.m.88 views

Crafty Syntax Live Help <= 2.14.6 SQL Injection

GulfTech Security Research August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online support system written in php that allows the visitors of ...

1AI score
Exploits0
exploitpack
exploitpack
added 2008/08/25 12:0 a.m.23 views

Crafty Syntax Live Help 2.14.6 - department SQL Injection

Crafty Syntax Live Help 2.14.6 - department SQL Injection Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured,...

0.5AI score
Exploits0
0day.today
0day.today
added 2008/08/25 12:0 a.m.12 views

Crafty Syntax Live Help <= 2.14.6 (department) SQL Injection Vuln

Exploit for unknown platform in category web applications ================================================================= Crafty Syntax Live Help = 2.14.6 department SQL Injection Vuln ================================================================= Crafty Syntax Live Help = 2.14.6 SQL Injecti...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/25 12:0 a.m.35 views

Crafty Syntax Live Help 2.14.6 - &#039;department&#039; SQL Injection

Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online support system written in php that...

7.4AI score
Exploits0
Prion
Prion
added 2008/08/07 8:41 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in livehelpjs.php in Crafty Syntax Live Help CSLH 2.14.6 allows remote attackers to inject arbitrary web script or HTML via the department parameter...

4.3CVSS6.1AI score0.01465EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/08/07 8:41 p.m.14 views

CVE-2008-3510

Cross-site scripting XSS vulnerability in livehelpjs.php in Crafty Syntax Live Help CSLH 2.14.6 allows remote attackers to inject arbitrary web script or HTML via the department parameter...

4.3CVSS5.7AI score0.01465EPSS
Exploits1References4
CVE
CVE
added 2008/08/07 8:0 p.m.39 views

CVE-2008-3510

Crafty Syntax Live Help (CSLH) 2.14.6 has an XSS vulnerability in livehelp_js.php via the department parameter. The CVE-2008-3510 entry indicates remote, unauthenticated injection of script/HTML, with CVSSv2 base score 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N). No remediation details are provided in the c...

4.3CVSS5.7AI score0.01465EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/08/07 8:0 p.m.15 views

CVE-2008-3510

Cross-site scripting XSS vulnerability in livehelpjs.php in Crafty Syntax Live Help CSLH 2.14.6 allows remote attackers to inject arbitrary web script or HTML via the department parameter...

5.7AI score0.01465EPSS
Exploits1References4
exploitpack
exploitpack
added 2008/08/05 12:0 a.m.8 views

Crafty Syntax Live Help 2.14.6 - livehelp_js.php Cross-Site Scripting

Crafty Syntax Live Help 2.14.6 - livehelpjs.php Cross-Site Scripting source: https://www.securityfocus.com/bid/30543/info Crafty Syntax Live Help CSLH is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/05 12:0 a.m.31 views

Crafty Syntax Live Help 2.14.6 - &#039;livehelp_js.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/30543/info Crafty Syntax Live Help CSLH is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7AI score
Exploits0
NVD
NVD
added 2008/03/06 12:44 a.m.17 views

CVE-2008-1183

Multiple cross-site scripting XSS vulnerabilities in Crafty Syntax Live Help CSLH before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 livehelp.php, 2 userquestions.php, and 3 leavemessage.php. NOTE: the lostsheep.php vector is covered by...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4
Rows per page
Query Builder