EUVD-2008-3724

Malware in sbrugna...

CVE-2008-3737

Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that a change passwords or b change configurations...

CVE-2008-3738

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...

Session fixation

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

CVE-2008-3739

Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...

Code injection

Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...

CVE-2008-3738

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

CVE-2008-3737

La!cooda WIZ (System Consultants) <= 1.4.0 and LacoodaST (SpaceTag)

CVE-2008-3736

CVE-2008-3736 affects La!cooda WIZ 1.4.0 and earlier and LacoodaST 2.1.3 and earlier. The vulnerabilities are cross-site request forgery (CSRF) issues that may allow remote attackers to hijack the authentication of legitimate users to perform actions such as password changes or configuration chan...

CVE-2008-3738

The CVE-2008-3738 case describes a session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier. Public documents confirm the affected product is LacoodaST by SpaceTag, Inc., with a vulnerability that could allow a remote attacker to hijack a user session. Impact details in sources indi...

CVE-2008-3738

Session fixation vulnerability in SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

CVE-2008-3736

Multiple cross-site request forgery CSRF vulnerabilities in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that a change passwords or b change configurations...

CVE-2008-3739

Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...

PT-2008-5097 · Spacetag · Spacetag Lacoodast

Name of the Vulnerable Software and Affected Versions: SpaceTag LacoodaST versions 2.1.3 and earlier Description: A session fixation issue allows remote attackers to hijack web sessions. The exact vectors used for the attack are not specified. Recommendations: For versions 2.1.3 and earlier, upda...