20 matches found
EUVD-2011-1348
Malware in sbrugna...
EUVD-2010-3902
Malware in sbrugna...
EUVD-2011-1349
Malware in sbrugna...
CVE-2011-1341
Cross-site request forgery CSRF vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests that modify data...
CVE-2011-1341
Cross-site request forgery CSRF vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests that modify data...
CVE-2011-1342
SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests that modify data...
Sql injection
SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2011-1342
SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2011-1342
CVE-2011-1342 affects Aimluck Aipo before 5.1.1 and Aipo for ASP before 5.1.1, where a SQL injection vulnerability allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. References in JVN/JVNDB and Red Hat/NVD confirm the issue and indicate the fix: upgrade t...
CVE-2011-1341
Cross-site request forgery CSRF vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests that modify data...
CVE-2011-1341
CVE-2011-1341 describes a CSRF vulnerability in Aimluck Aipo before 4.0.4.0 and Aipo for ASP before 4.0.4.0, enabling remote attackers to hijack administrators’ authenticated sessions to perform data-modifying requests. Affected versions: Aipo and Aipo for ASP prior to 4.0.4.0. Root cause: CSRF i...
Aipo vulnerable to cross-site request forgery
Overview Aipo contains a cross-site request forgery vulnerability. Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a cross-site request forgery vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated...
JVN#72854072: Aipo vulnerable to cross-site request forgery
Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a cross-site request forgery vulnerability. Impact If an administrative user views a malicious page while logged into Aipo, data stored within Aipo may be altered. Solution Update t...
CVE-2010-3924
SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2010-3924
CVE-2010-3924 describes an SQL injection vulnerability in Aimluck Aipo prior to version 5.1.0.1. The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, potentially exposing or altering data managed by Aipo. Affected product: Aimluck Aipo (groupware ...
CVE-2010-3924
SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
JVN#50704770: Aipo vulnerable to SQL injection
Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a SQL injection vulnerability. Impact Contents that are managed by Aipo may be viewed by a user that can login to Aipo. Solution Update the Software Update to the latest version...
JVN#70075625 Aipo session fixation vulnerability
Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-blogging. Aipo contains a session fixation vulnerability which may allow an attacker to impersonate a user when the user logs into AIPO with the session ID sent by the attacker. Impact This vulnerability may allo...