63 matches found
CVE-2008-1632
Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the 1 listid parameter to pages/editmailingliststep1.php, the 2 userid parameter to pages/edituser.php, the 3 fieldid parameter to pages/editfield.php, and the 4...
CVE-2008-1631
SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php...
CVE-2008-1631
CVE-2008-1631 corresponds to a SQL injection vulnerability in CuteFlow versions 1.5.0 and 2.10.0. The flaw occurs in login.php, related to the UserId parameter used by the login form (indexed in index.php), allowing remote attackers to craft arbitrary SQL commands. Multiple sources (NVD entry, CV...
CVE-2008-1632
CVE-2008-1632 affects CuteFlow 2.10.0 with multiple SQL injection flaws in pages/editmailinglist_step1.php (listid), pages/edituser.php (userid), pages/editfield.php (fieldid), and pages/edittemplate_step1.php (templateid). Root cause is unsafe SQL construction allowing remote authenticated users...
CVE-2008-1630
CVE-2008-1630 concerns CuteFlow 1.5.0 and 2.10.0, where multiple stored/reflected cross-site scripting (XSS) flaws exist in the web UI. The root cause is insufficient input validation/sanitization of the language parameter across pages such as page/showcirculation.php, edittemplate_step2.php, sho...
CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities
CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities sql injection & Xss Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...
cuteflow-sqlxss.txt
CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities sql injection & Xss Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...
Cuteflow Bin 1.5 - pages/showuser.php language Parameter XSS
Cuteflow Bin 1.5 pages/showuser.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issu...
Cuteflow Bin 1.5 - pages/showfields.php language Parameter XSS
Cuteflow Bin 1.5 pages/showfields.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The...
Cuteflow Bin 1.5 - pages/edittemplate_step2.php language Parameter XSS
Cuteflow Bin 1.5 pages/edittemplatestep2.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data...
Cuteflow Bin 1.5 - pages/showcirculation.php language Parameter XSS
Cuteflow Bin 1.5 pages/showcirculation.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. T...
Cuteflow Bin 1.5 - pages/editmailinglist_step1.php language Parameter XSS
Cuteflow Bin 1.5 pages/editmailingliststep1.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied...
Cuteflow Bin 1.5 - pages/showtemplates.php language Parameter XSS
Cuteflow Bin 1.5 pages/showtemplates.php language Parameter XSS. CVE-2008-1630. Webapps exploit for php platform source: http://www.securityfocus.com/bid/28500/info CuteFlow Bin is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The...
CVE-2008-1493
Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...
Directory traversal
Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...
CVE-2008-1493
Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...
CVE-2008-1493
CVE-2008-1493 affects Cuteflow Bin 1.5.0 in login.php. The language parameter is processed insecurely, enabling directory traversal with ".." to include and execute local files. This has potential partial impact to confidentiality, integrity, and availability (CVSS v2 base score 7.5, AV:N/AC:L/Au...
Cuteflow Bin v1.5.0 Local File Inclusion Vuln
Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability + Author : KnocKout + Site : www.wikipediatr.com ============================================== Script : Cuteflow Bin v1.5.0 Download : http://scripts.ringsworld.com/groupware-tools/cuteflow-bin-v150/ Exploit :...
cuteflowbin-lfi.txt
Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability + Author : KnocKout + Cyber-Warrior.org / Bug Researchers Group Special Thanks : CW ALL USERS / Mr.Freeman ============================================== Script : Cuteflow Bin v1.5.0 Download :...
Cuteflow Bin 1.5.0 (login.php) Local File Inclusion Vulnerability
No description provided by source. Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability + Author : KnocKout + Cyber-Warrior.org / Bug Researchers Group Special Thanks : CW ALL USERS / Mr.Freeman ============================================== Script : Cuteflow Bin v1.5.0 Download :...