20 matches found
CVE-2010-0711
Cross-site request forgery CSRF vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that 1 delete users via the delete action in the ma2 parameter or 2 create...
EUVD-2010-0738
Malware in sbrugna...
EUVD-2010-0737
Malware in sbrugna...
CVE-2010-0710
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
ASPCode CMS 1.5.8 'default.asp' Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/38601/info ASPCode CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...
ASPCode CMS <= 1.5.8 - Multiple Vulnerabilities
No description provided by source. Multiple Vulnerability in ASPCode CMS Software Version: = v1.5.8 Vendor WebSite: www.aspcodecms.com Date: 01 January 2010 Found by Alberto fulgur Fontanella itsicurezza0x40yahoo.it - ictsec.wordpress.com 1 - Multiple XSS Vulnerability...
ASPCode CMS 1.5.8 - Multiple Vulnerabilities
ASPCode CMS 1.5.8 - Multiple Vulnerabilities Multiple Vulnerability in ASPCode CMS Software Version: yahoo.it - ictsec.wordpress.com 1 - Multiple XSS Vulnerability http://host/default.asp?sec=1&ma1="alert"XSS"; http://host/default.asp?sec=1&tag="alert"XSS";...
ASPCode CMS <= v1.5.8 Multiple Vulnerabilities
Exploit for asp platform in category web applications ============================================== ASPCode CMS yahoo.it - ictsec.wordpress.com 1 - Multiple XSS Vulnerability http://host/default.asp?sec=1&ma1="alert"XSS"; http://host/default.asp?sec=1&tag="alert"XSS";...
ASPCode CMS 1.5.8 - default.asp Multiple Cross-Site Scripting Vulnerabilities
ASPCode CMS 1.5.8 - default.asp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/38601/info ASPCode CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage...
ASPCode CMS 1.5.8 - 'default.asp' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/38601/info ASPCode CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that 1 delete users via the delete action in the ma2 parameter or 2 create...
Sql injection
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
CVE-2010-0710
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
CVE-2010-0711
Cross-site request forgery CSRF vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that 1 delete users via the delete action in the ma2 parameter or 2 create...
CVE-2010-0711
Cross-site request forgery CSRF vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that 1 delete users via the delete action in the ma2 parameter or 2 create...
CVE-2010-0711
The CVE-2010-0711 entry affects ASPCode CMS versions 1.5.8 and 2.0.0 Build 103 (and possibly others). The issue is a Cross-site Request Forgery (CSRF) in default.asp that enables remote attackers to hijack an administrator’s session for actions triggered via the ma2 parameter, specifically (1) de...
CVE-2010-0710
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are...
CVE-2010-0710
ASPCode CMS contains an SQL injection in default.asp affecting versions 1.5.8 and 2.0.0 Build 103 (and possibly others). The vulnerability occurs when the newsid parameter is supplied and the sec parameter equals 26, allowing remote attackers to execute arbitrary SQL commands. The available sourc...
ASPCode CMS Cross Site Request Forgery / Cross Site Scripting
Multiple Vulnerability in ASPCode CMS Software Version: yahoo.it - ictsec.wordpress.com 1 - Multiple XSS Vulnerability http://host/default.asp?sec=1&ma1="alert"XSS"; http://host/default.asp?sec=1&tag="alert"XSS"; http://host/default.asp?sec=1&ma2="alert"XSS"; XSS found also on Form to reset...
ASPCode CMS <= v1.5.8 Multiple Vulnerability
Exploit for unknown platform in category web applications ============================================ ASPCode CMS alert"XSS"; http://host/default.asp?sec=1&tag="alert"XSS"; http://host/default.asp?sec=1&ma2="alert"XSS"; XSS found also on Form to reset password:...