11 matches found
EUVD-2015-3468
Malware in sbrugna...
EUVD-2015-3469
Malware in sbrugna...
CVE-2015-3424
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cphcontent$uigformState parameter...
Sql injection
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter...
CVE-2015-3424
CVE-2015-3424 affects Accentis Content Resource Management System. A SQL injection vulnerability exists in the SIDX parameter that allows remote attackers to execute arbitrary SQL commands. The issue is tied to input filtering flaws prior to the October 2015 patch; patched versions released aroun...
CVE-2015-3424
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter...
CVE-2015-3425
Cross-site scripting XSS vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cphcontent$uigformState parameter...
CVE-2015-3425
CVE-2015-3425 is a stored XSS vulnerability in Accentis Content Resource Management System, exploitable via the parameter ctl00$cph_content$_uig_formState. Multiple connected sources confirm the issue affects Accentis CRM/resource management software prior to the October 2015 patch and that authe...
Accentis Content Resource Management System Cross Site Scripting
Vulnerability type: Stored Cross Site Scripting Vendor: http://www.accentis.com.au/ Product: Accentis Content Resource Management System Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-3425 PROOF OF CONCEPT XSS Accentis Content Resource Management System before October 2015 pat...
Accentis Content Resource Management System SQL Injection
Issue 1 Vulnerability type: SQL Injection Vendor: http://www.accentis.com.au/ Product: Accentis Content Resource Management System Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-3424 PROOF OF CONCEPT SQLi Accentis Content Resource Management System before October 2015 patch...