43 matches found
EUVD-2008-1550
Malware in sbrugna...
EUVD-2008-0949
Malware in sbrugna...
EUVD-2008-0948
Malware in sbrugna...
EUVD-2008-0950
Malware in sbrugna...
EUVD-2008-1549
Malware in sbrugna...
EUVD-2007-6483
Malware in sbrugna...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Labels.asp Term Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 Comments.asp FC Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 GradebookStuScores.asp GrdBk Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 ClassList.asp Term Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to inject arbitrary web script or HTML via the 1 UserName parameter to loginproc.asp and the 2 usr parameter to Login.asp...
CVE-2008-1549
Multiple SQL injection vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the 1 GrdBk parameter to GradebookOptions.asp and the 2 SchlCode variable to loginproc.asp, a different...
CVE-2008-1548
Multiple cross-site scripting XSS vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to inject arbitrary web script or HTML via the 1 UserName parameter to loginproc.asp and the 2 usr parameter to Login.asp...
Sql injection
Multiple SQL injection vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the 1 GrdBk parameter to GradebookOptions.asp and the 2 SchlCode variable to loginproc.asp, a different...
CVE-2008-1549
Multiple SQL injection vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the 1 GrdBk parameter to GradebookOptions.asp and the 2 SchlCode variable to loginproc.asp, a different...
CVE-2008-1548
CVE-2008-1548 describes multiple XSS vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 within Eagle Software’s Aries Student Information System. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the UserName parameter to loginproc.asp and (2) the usr parame...
CVE-2008-1548
Multiple cross-site scripting XSS vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to inject arbitrary web script or HTML via the 1 UserName parameter to loginproc.asp and the 2 usr parameter to Login.asp...
CVE-2008-1549
CVE-2008-1549 documents multiple SQL injection vulnerabilities in Eagle Software’s Aeries Browser Interface (ABI) 3.8.3.14 within the Aries Student Information System. The vulnerabilities allow remote attackers to execute arbitrary SQL commands via the GrdBk parameter to GradebookOptions.asp and ...
aeries-sqlxss.txt
Discovered By : Arsalan Emamjomehkashan aeries browser interfaceABI 3.8.3.14 Remote SQL Injection Website:http://aeries.com/ SQL injection: GradebookOptions.asp?GrdBk=SQL loginproc.asp If you post variable "SchlCode" XSS: UserName variable on loginproc.asp and usr on Login.asp...
aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection
Discovered By : Arsalan Emamjomehkashan aeries browser interfaceABI 3.8.3.14 Remote SQL Injection Website:http://aeries.com/ SQL injection: GradebookOptions.asp?GrdBk=SQL loginproc.asp If you post variable "SchlCode" XSS: UserName variable on loginproc.asp and usr on Login.asp...