Sql injection
SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-5940
The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process...
CVE-2012-5941
IBM Netezza WebAdmin 6.0.5, 6.0.8, and 7.0 before P2 are affected by CVE-2012-5941, an XSS where user-supplied input is not neutralized before being included in web output, enabling phishing via the WebAdmin interface. The IBM bulletin lists remediation through patch 7.0 P2 (and related SSL guida...
CVE-2012-5762
Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol...
CVE-2012-5763
Cross-site request forgery (CSRF) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2012-5760
SQL injection vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-5940
IBM Netezza WebAdmin 6.0.5, 6.0.8, and 7.0 (pre-P2) are affected by CVE-2012-5940: when SSL is not enabled, login requests can be intercepted and credentials exposed during authentication. The IBM advisory assigns remediation to patch IBM Netezza WebAdmin 7.0 with patch level 7.0 P2, and a workar...
CVE-2012-5763
CVE-2012-5763 affects IBM Netezza WebAdmin (WebAdmin 6.0.5, 6.0.8, and 7.0 before P2). The IBM bulletin documents a Cross-site request forgery (CSRF) flaw where requests may be accepted without proper authentication verification, potentially allowing remote attackers to hijack user sessions. Root...
CVE-2012-5762
CVE-2012-5762 affects IBM Netezza WebAdmin (versions 6.0.5, 6.0.8 and 7.0 before P2). The vulnerability is an XSS allowing remote authenticated users to inject arbitrary script/HTML via MHTML protocol vectors. IBM’s bulletin for this family notes multiple issues and lists CVE-2012-5762 among them...
CVE-2012-5941
Cross-site scripting (XSS) vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors...
CVE-2012-5760
IBM Netezza WebAdmin is affected by CVE-2012-5760. Affected versions: WebAdmin 6.0.5, 6.0.8 and 7.0 prior to P2. Root cause: elements that could modify a SQL command are not properly neutralized, enabling an authenticated remote user to execute arbitrary SQL commands via unspecified vectors, with...
CVE-2012-5761
CVE-2012-5761 affects IBM Netezza WebAdmin 6.0.5, 6.0.8, and 7.0 before P2. The root cause is that user-controlled input is not properly neutralized before being embedded in the web page output, enabling XSS via unspecified vectors for remote authenticated users. The IBM bulletin lists the impact...
Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery
Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/58076/info MDaemon WorldClient and WebAdmin are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized...
Alt-N MDaemon WorldClient And WebAdmin - Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/58076/info MDaemon WorldClient and WebAdmin are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are...
Netsweeper WebAdmin Portal CSRF / XSS / SQL Injection
Exploit Title: Netsweeper WebAdmin Portal CSRF, Reflective XSS, and SQL Injection "The later" Date: Discovered and reported CSRF and XSS 4/2012 and "The later" 7/2012 Author: Jacob Holcomb/Gimppy042 Software Link: Netsweeper Inc. - Netsweeper Internet Filter www.netsweeper.com CVE :...
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Exploit Title: Netsweeper WebAdmin Portal CSRF, Reflective XSS, and SQL Injection "The later" Date: Discovered and reported CSRF and XSS 4/2012 and "The later" 7/2012 Author: Jacob Holcomb/Gimppy042 Software Link: Netsweeper Inc. - Netsweeper Internet Filter www.netsweeper.com CVE :...
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities Exploit Title: Netsweeper WebAdmin Portal CSRF, Reflective XSS, and SQL Injection "The later" Date: Discovered and reported CSRF and XSS 4/2012 and "The later" 7/2012 Author: Jacob Holcomb/Gimppy042 Software Link: Netsweeper Inc. - Netsweep...
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Netsweeper WebAdmin Portal CSRF, Reflective XSS, and "The later" Date: Discovered and reported CSRF and XSS reported 4/2012 and "The later" reported 7/2012 Author: Jacob Holcomb/Gimppy042 Software Link: Netsweeper Inc. -...
Booking System Pro CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: Booking System Pro CSRF Vulnerability Date: 28/08/2012 Author: DaOne @LibyanCA Vendor: http://www.neptunescripts.com/products Price: $39 CSRF Add Admin 0day.today 2018-01-26...
Jaow CMS 2.3 Cross Site Request Forgery
Exploit Title: Jaow CMS v2.3 CSRF Vulnerability Author: DaOne LCA Date: 15/8/2012 Software Link: http://www.jaow.net Or: http://scripts.toocharger.com/fiches/scripts/jaow/5370.htm CSRF Add Admin...