8 matches found
EUVD-2015-3042
Malware in sbrugna...
EUVD-2015-3040
Malware in sbrugna...
EUVD-2015-3039
Malware in sbrugna...
Igreks MilkyStep Light and Professional SQL Injection Vulnerabilities
Igreks MilkyStep is a magazine push CGI via email system from Igreks Japan.MilkyStep Light and MilkyStep Professional are the lightweight and professional versions respectively. A SQL injection vulnerability exists in Igreks MilkyStep Light and Professional. A remote attacker can exploit this...
CVE-2015-2958
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and modify settings via unspecified vectors, a different vulnerability than CVE-2015-2952 and CVE-2015-2953...
Design/Logic Flaw
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and modify settings via unspecified vectors, a different vulnerability than CVE-2015-2952 and CVE-2015-2953...
CVE-2015-2958
The CVE-2015-2958 entry concerns Igreks MilkyStep Light (0.94 and earlier) and MilkyStep Professional (1.82 and earlier), where remote attackers could bypass access restrictions and modify administrator credentials via unspecified vectors. This vulnerability is distinct from CVE-2015-2952 and CVE...
CVE-2015-2957
MilkyStep XSS (CVE-2015-2957) affects Igreks MilkyStep Light 0.94 and earlier and MilkyStep Professional 1.82 and earlier. The vulnerability is a cross-site scripting flaw (CWE-79) in the MilkyStep CGI for email newsletter management, arising from improper handling of input/output that allows rem...