10 matches found
EUVD-2007-5402
Malware in sbrugna...
ActiveKB NX 2.6 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26027/info ActiveKB NX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
CVE-2007-5426
Multiple cross-site scripting XSS vulnerabilities in ActiveKB NX 2.5.4 allow remote attackers to inject arbitrary web script or HTML via the page parameter to the default URI for some directories, as demonstrated by 1 ActiveKB/ and 2 default/categories/ActiveKB/...
CVE-2007-5426
Multiple cross-site scripting XSS vulnerabilities in ActiveKB NX 2.5.4 allow remote attackers to inject arbitrary web script or HTML via the page parameter to the default URI for some directories, as demonstrated by 1 ActiveKB/ and 2 default/categories/ActiveKB/...
CVE-2007-5426
CVE-2007-5426 : The provided documents identify multiple cross-site scripting (XSS) vulnerabilities in ActiveKB NX 2.5.4 . The issue arises from injectable content via the page parameter to the default URI for some directories (examples include ActiveKB/ and default/categories/ActiveKB/). The roo...
ActiveKB NX 2.6 - index.php Cross-Site Scripting
ActiveKB NX 2.6 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26027/info ActiveKB NX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
ActiveKB NX 2.6 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/26027/info ActiveKB NX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...
Sql injection
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected...
CVE-2007-5131
SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected...
CVE-2007-5131
CVE-2007-5131 affects Interspire ActiveKB NX 2.x. The vulnerability is a SQL injection in index.php when handling the browse action via the catId parameter, enabling remote execution of arbitrary SQL commands. Note that ActiveKB 1.5 is also reported to be affected. The linked references confirm t...