74 matches found
CVE-2006-1897
CVE-2006-1897 affects Webplus (aka talentsoft) Web+Shop 5.3.6. The vulnerability arises when the Redirect URL for the “Script Not Found” error is not configured, allowing remote attackers to cause information disclosure via the storeid parameter in store.wml within webplus.exe, revealing the path...
CVE-2006-1897
Webplus aka talentsoft Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not configured, allows remote attackers to obtain sensitive information via a quote ' or possibly other invalid value in the storeid parameter in store.wml in webplus.exe, which reveals the path in a "Script...
Cross site scripting
Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...
CVE-2006-1682
Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...
CVE-2006-1682
CVE-2006-1682 describes a cross-site scripting (XSS) vulnerability in webplus.exe within TalentSoft Web+Shop 5.0 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, potentially involving the webpshop/ department.wml script. The descrip...
CVE-2006-1682
Cross-site scripting XSS vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script...
TalentSoft Web+ Shop 5.0 - Deptname Cross-Site Scripting
TalentSoft Web+ Shop 5.0 - Deptname Cross-Site Scripting source: https://www.securityfocus.com/bid/17418/info Web+ Shop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...
TalentSoft Web+ Shop 5.0 - 'Deptname' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17418/info Web+ Shop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of...
TalentSoft Web+ Version Report
This plug-in detects the version of Web+ CGI. The Web+ CGI has a known vulnerability that enables a remote attacker to gain access to local files. This test in itself does not verify the vulnerability but rather tries to discover the version of Web+ which is installed. SPDX-FileCopyrightText: 200...
TalentSoft Web+ webplus.exe Path Disclosure
The remote host appears to be running Web+ Application Server. The version of Web+ installed on the remote host reveals the physical path of the application when it receives a script file error. %NASLMINLEVEL 70300 This script was written by David Kyger See the Nessus Scripts License for details...
CVE-2002-0753
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie...
Talentsoft Web+ contains buffer overflow in "webpsvc.exe"
Overview Talentsoft's Web+ development platform contains a buffer overflow in a component that also installs by default into all web sites produced by Web+. Description Talentsoft Web+ is a set of tools for accelerated web site development. A component of Web+ named "webpsvc.exe" contains a buffe...
CVE-2002-0449
Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc.exe...
CVE-2002-0450
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language wml file name to 1 webplus.dll or 2 webplus.exe...
CVE-2002-0753
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie...
CVE-2002-0753
CVE-2002-0753 : Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie. The connected documents confirm the vulnerability description but do not provide additional technical details, affected versions beyond 5.0, exploit spe...
CVE-2002-0450
CVE-2002-0450 affects Talentsoft Web+ 5.0 and earlier. A buffer overflow is triggered by a long Web Markup Language (wml) file name passed to webplus.dll or webplus.exe, enabling remote code execution. The connected sources (NVD/CVE forms) confirm the affected product and method (buffer overflow ...
CVE-2002-0450
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language wml file name to 1 webplus.dll or 2 webplus.exe...
CVE-2002-0449
CVE-2002-0449 affects Talentsoft Web+ up to version 5.0, where a buffer overflow in the Web+ component webpsvc.exe (triggered via a crafted URI in webplus.exe ) allows remote code execution. The vulnerability can execute code with the privileges of the user running webpsvc.exe (often SYSTEM). CER...
Buffer overflow in Talentsoft Web+
Buffer overflows in CGI supplied applications, cookie processing...