
518 matches found

Exploit DB
added 2016/09/13 12:00 a.m., 33 views

Open-Xchange App Suite 7.8.2 - Cross-Site Scripting

Product: OX App Suite Vendor: OX Software GmbH Internal reference: 46484 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.8.2 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.6.2-rev46, 7.6.3-rev1...

CVSS 6.1 | AI score 6.3 | EPSS 0.04274
Exploits: 4

Hacker One
added 2015/05/04 9:11 a.m., 11 views

drchrono: Accessing all appointments vulnerability

Hi there, This is another vulnerability which allow users without privilege to access appointments permission of access scheduling is turned off to access or view all appointments within offices. What the attacker will do is make use of the print appointment feature. Basically accessing directly:...

AI score 1.9
Exploits: 0

Packet Storm
added 2015/03/24 12:00 a.m., 41 views

openEMR 4.2.0 Cross Site Scripting / SQL Injection

Advisory: Multiple reflecting/stored XSS- and SQLi-vulnerabilities in openEMR v.4.2.0 Advisory ID: SROEADV-2015-08 Author: Steffen Rösemann Affected Software: openEMR v.4.2.0 Release-date: 28th Dec 2014 Vendor URL: http://www.open-emr.org Vendor Status: patched CVE-ID: to be assigned after releas...

AI score 0.2
Exploits: 0

NVD
added 2014/07/02 6:55 p.m., 10 views

CVE-2014-4579

Cross-site scripting (XSS) vulnerability in js/test.php in the Appointments Scheduler plugin 1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CVSS 4.3 | AI score 5.9 | EPSS 0.01629
Exploits: 1 | References: 1

Prion
added 2014/07/02 6:55 p.m., 12 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in js/test.php in the Appointments Scheduler plugin 1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CVSS 4.3 | AI score 6.2 | EPSS 0.01629
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2014/07/02 6:00 p.m., 15 views

CVE-2014-4579

Cross-site scripting (XSS) vulnerability in js/test.php in the Appointments Scheduler plugin 1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

AI score 5.9 | EPSS 0.01629
Exploits: 1 | References: 1

CVE
added 2014/07/02 6:00 p.m., 35 views

CVE-2014-4579

CVE-2014-4579 is an XSS vulnerability in the WordPress Appointment Scheduler Plugin (versions

CVSS 4.3 | AI score 6 | EPSS 0.01629
Exploits: 1 | References: 1 | Affected Software: 1

Tenable Nessus
added 2013/02/21 12:00 a.m., 31 views

RHEL 6 : evolution (RHSA-2013:0516)

Updated evolution packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS 4.3 | AI score 7.2 | EPSS 0.02673
Exploits: 0 | References: 3

0day.today
added 2013/01/14 12:00 a.m., 25 views

phlyMail Lite 4.03.04 Path Disclosure / XSS Vulnerabilities

phlyMail suffers from multiple stored XSS vulnerabilities post-auth and Path Disclosure when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser...

AI score 6.9
Exploits: 0

Fedora
added 2012/07/19 8:57 a.m., 32 views

[SECURITY] Fedora 17 Update: kdepim-4.8.4-4.fc17

KDE PIM Personal Information Manager applications, including: akregator: feed aggregator blogilo: blogging application, focused on simplicity and usability kmail: email client knode: newsreader knotes: sticky notes for the desktop kontact: integrated PIM management korganizer: journal,...

CVSS 4.3 | AI score 2.2 | EPSS 0.02477
Exploits: 0

Packet Storm
added 2012/04/06 12:00 a.m., 45 views

Egroupware 1.8.002 Cross Site Scripting

Egroupware v1.8.002 processexec.php Reflected Cross-Site Scripting XSS Google Dork: inurl:etemplate/processexec.php Title: Egroupware v1.8.002 processexec.php Remote XSS Vulnerability Type: Remote Author: Marcos Garcia Severity: Medium – CVSS: 5 AV:N/AC:L/Au:N/C:N/I:P/A:N Impact: Direct execution...

CVSS 4.3 | AI score 6.8 | EPSS 0.01233
Exploits: 2

OpenVAS
added 2010/05/28 12:00 a.m., 17 views

Fedora Update for kdepim FEDORA-2010-8544

Check for the Version of kdepim OpenVAS Vulnerability Test Fedora Update for kdepim FEDORA-2010-8544 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CVSS 6.4 | AI score 0.2 | EPSS 0.03849
Exploits: 0 | References: 2

Prion
added 2009/06/27 6:48 p.m., 14 views

Sql injection

SQL injection vulnerability in activeappointments.asp in ASP Inline Corporate Calendar allows remote attackers to execute arbitrary SQL commands via the order parameter...

CVSS 6.8 | AI score 9.1 | EPSS 0.00913
Exploits: 1 | References: 4

Packet Storm
added 2009/05/21 12:00 a.m., 28 views

ASP Inline Corporate Calendar XSS / SQL Injection


AI score 0.4
Exploits: 0

OpenVAS
added 2009/02/27 12:00 a.m., 33 views

Fedora Update for kdepim FEDORA-2007-2985

Check for the Version of kdepim OpenVAS Vulnerability Test Fedora Update for kdepim FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CVSS 9.3 | AI score 0.2 | EPSS 0.0702
Exploits: 1 | References: 2

Cvelist
added 2005/03/26 5:00 a.m., 15 views

CVE-2004-1771

Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users...

AI score 6.3 | EPSS 0.01415
Exploits: 0 | References: 4

CVE
added 2005/03/26 5:00 a.m., 44 views

CVE-2004-1771

CVE-2004-1771 affects Scalable OGo (SOGo) 1.0, where remote authenticated users can bypass intended permissions and view private appointments of other users. The provided sources confirm the affected product and the permission bypass impact, but do not specify the root cause details, vulnerable c...

CVSS 5 | AI score 6.7 | EPSS 0.01415
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2004/11/30 5:00 a.m., 15 views

CVE-2004-1771

Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users...

CVSS 5 | AI score 6.3 | EPSS 0.01415
Exploits: 0 | References: 4