23 matches found
EUVD-2008-3724
Malware in sbrugna...
EUVD-2008-3722
Malware in sbrugna...
LacoodaST from SpaceTag, Inc. session fixation vulnerability
Overview LacoodaST from SpaceTag, Inc. contains a session fixation vulnerability. LacoodaST from SpaceTag, Inc. is groupware providing schedule and task managements, etc. LacoodaST contains a session fixation vulnerability. Hirotaka Katagiri reported this vulnerability to IPA. JPCERT/CC coordinat...
CVE-2008-3738
Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
Code injection
Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...
CVE-2008-3739
Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...
CVE-2008-3737
Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...
Session fixation
Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that a change passwords or b change configurations...
CVE-2008-3738
Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2008-3736
Multiple cross-site request forgery CSRF vulnerabilities in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that a change passwords or b change configurations...
CVE-2008-3738
The CVE-2008-3738 case describes a session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier. Public documents confirm the affected product is LacoodaST by SpaceTag, Inc., with a vulnerability that could allow a remote attacker to hijack a user session. Impact details in sources indi...
CVE-2008-3738
Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2008-3739
Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...
CVE-2008-3739
La!cooda WIZ (System Consultants) <= 1.4.0 and LacoodaST (SpaceTag)
CVE-2008-3736
CVE-2008-3736 affects La!cooda WIZ 1.4.0 and earlier and LacoodaST 2.1.3 and earlier. The vulnerabilities are cross-site request forgery (CSRF) issues that may allow remote attackers to hijack the authentication of legitimate users to perform actions such as password changes or configuration chan...
CVE-2008-3737
La!cooda WIZ (System Consultants) <= 1.4.0 and LacoodaST (SpaceTag)
PT-2008-5097 · Spacetag · Spacetag Lacoodast
Name of the Vulnerable Software and Affected Versions: SpaceTag LacoodaST versions 2.1.3 and earlier Description: A session fixation issue allows remote attackers to hijack web sessions. The exact vectors used for the attack are not specified. Recommendations: For versions 2.1.3 and earlier, upda...
JVN#83428818 La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery
La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site request forgery vulnerability. Impact Password or other configurations may be changed if the logged in user...