1260 matches found
CVE-2011-3162
HP Data Protector Notebook Extension 6.20 and HP Data Protector for Personal Computers 7.0 are affected by an SQL injection vulnerability in the dpnepolicyservice FinishedCopy method, exposed via a DPNECentral Web Service on TCP port 80. A remote attacker can craft requests with an unsafely used ...
CVE-2011-3160
HP Data Protector Notebook Extension has a remote code execution vulnerability (ZDI-1228) affecting dpnepolicyservice via LogCopyOperation. The flaw exists in the DPNECentral Web Service on TCP port 80; the copyStatus field from a user request is used to construct a query without proper validatio...
CVE-2011-3158
HP Data Protector Notebook Extension contains a remote SQL injection in the dpnepolicyservice component (RequestCopy) exposed on TCP port 80. Unauthenticated attackers can craft a RequestCopy with a malicious type, causing the service to construct and execute arbitrary SQL queries under the servi...
CVE-2011-3157
HP Data Protector Notebook Extension contains a vulnerability in the dpnepolicyservice GetPolicies method that does not properly validate the clientVersion field, enabling remote attackers to execute arbitrary SQL queries as the service user. Affected products include HP Data Protector Notebook E...
CVE-2011-3156
HP Data Protector Notebook Extension (and Data Protector for Personal Computers) module exposes a DPNECentral web service (dpnepolicyservice) with a LogClientInstallation method vulnerable to input validation flaws. The ZDI advisory describes remote arbitrary-code execution via the userid field i...
CVE-2010-2342
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter...
Sql injection
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter...
CVE-2010-2342
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter...
CVE-2010-2342
DMXReady Online Notebook Manager 1.0 is affected by a SQL injection in onlinenotebookmanager.asp via the ItemID parameter, enabling remote attackers to execute arbitrary SQL commands. This CVE (CVE-2010-2342) is corroborated by multiple sources in the connected documents (NVD, Red Hat advisory, C...
DMXReady Online Notebook Manager SQL Injection
Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Online Notebook Manager SQLi Vulnerability Version:1.0 Price:$149.97 Vendor url:http://dmxready.com/?product=online-notebook-manager Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue®, S1ayer,d3c0d3r and to al...
Online Notebook Manager SQL Injection Vulnerability
Exploit for php platform in category web applications =================================================== Online Notebook Manager SQL Injection Vulnerability =================================================== Author: L0rd CrusAd3r aka VSN email protected Exploit Title: Online Notebook Manager SQ...
Online Notebook Manager - SQL Injection
Online Notebook Manager - SQL Injection Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Online Notebook Manager SQLi Vulnerability Version:1.0 Price:$149.97 Vendor url:http://dmxready.com/?product=online-notebook-manager Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0...
Online Notebook Manager - SQL Injection
Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Online Notebook Manager SQLi Vulnerability Version:1.0 Price:$149.97 Vendor url:http://dmxready.com/?product=online-notebook-manager Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer,d3c0d3r and to al...
Acer notebooks weak passwords
Administrator system account has empty password and password is not reset during initial system account setup...
Insufficient Authentication vulnerability in Acer notebooks (English)
Hello SecurityFocus! I want to warn you about vulnerability in Acer notebooks. It's Insufficient Authentication vulnerability. Which I found 28.04.2009 in two my notebooks. At these notebooks Windows XP Home Rus is using, in case of other OS the vulnerability can be also present. In Windows XP Ho...
CVE-2009-0657
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user...
Sql injection
Multiple SQL injection vulnerabilities in DMXReady Online Notebook Manager 1.1 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password field. NOTE: some third parties report inability to verify this issue...
CVE-2009-0454
CVE-2009-0454 affects DMXReady Online Notebook Manager 1.1. Multiple SQL injection flaws reported in the login inputs (username/password) could allow remote attackers to execute arbitrary SQL. Original description notes verification issues by third parties; no remediation details are provided in ...
DMXReady Online Notebook Manager 1.1 SQL Injection
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- = = XORON 2009C = = DMXReady online notebookmanager v1.1 Bypass SQL Injection Vuln. = =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- = = Script: DMXReady online...
Google Notebook和Google Bookmarks未明跨站脚本漏洞
BUGTRAQ ID: 30574 CNCAN ID:CNCAN-2008080706 Google Notebook是一款无需离开浏览器窗口,就能添加来自网页上的文本、图像和链接的服务。Google Bookmarks是一款书签服务。 Google Notebook和Google Bookmarks存在多个输入验证问题,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 提交畸形的邀请和注释,通过google notebook中的共享选项,其他用户查看它时可泄漏COOKIE信息。 Google...