21 matches found
EUVD-2004-2690
Malware in sbrugna...
EUVD-2004-2691
Malware in sbrugna...
EUVD-2004-2689
Malware in sbrugna...
CVE-2004-2700
Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx...
AspDotNetStorefront 3.3 Access Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10506/info AspDotNetStorefront is reportedly prone to an access validation vulnerability that may allow a remote attacker to delete arbitrary contents from a vulnerable Web site. The issue occurs because the...
AspDotNetStorefront 3.3 ReturnURL Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10507/info AspDotNetStorefront is prone to a cross-site scripting vulnerability. This issue exists due to insufficient sanitization of user-supplied data. The problem presents itself in the 'returnurl' parameter of the...
CVE-2004-2700
Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx...
CVE-2004-2701
Cross-site scripting XSS vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter...
CVE-2004-2700
CVE-2004-2700 affects AspDotNetStorefront 3.3, where an unrestricted file upload via admin/images.aspx allows remote authenticated administrators to upload files with executable extensions. This is documented across multiple sources (NVD entry and vendor/partner advisories). The core issue is imp...
CVE-2004-2699
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter...
CVE-2004-2701
CVE-2004-2701 is a cross-site scripting (XSS) vulnerability in AspDotNetStorefront 3.3, specifically in signin.aspx where an attacker can inject arbitrary web script or HTML via the returnurl parameter. Affected component is the signin.aspx handling of returnurl; root cause is improper handling o...
CVE-2004-2699
CVE-2004-2699 : deleteicon.aspx in AspDotNetStorefront 3.3 allows an unauthenticated remote attacker to delete arbitrary product images by modifying the ProductID parameter. This affects image integrity (partial impact) per the NVD CVSS2 vector (AV:N/AC:M/Au:N/C:N/I:P/A:N) with a base score of 4....
CVE-2004-2699
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter...
CVE-2004-2700
Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx...
CVE-2004-2701
Cross-site scripting XSS vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter...
[FULL DISCLOSURE] ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability
ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability Release Date: June 9, 2004 Severity: Medium Vendor: AspDotNetStorefront.com A Division of Discovery Productions, Inc. Software: Tested on AspDotNetStorefront 3.3 Previous versions may also be affected. Remote: Remotely executed from any web...
[FULL DISCLOSURE] ASPDOTNETSTOREFRONT Improper Session Validation
ASPDOTNETSTOREFRONT Improper Session Validation Release Date: June 9, 2004 Severity: HIGH Vendor: AspDotNetStorefront.com A Division of Discovery Productions, Inc. Software: Tested on AspDotNetStorefront 3.3 Previous versions may also be affected. Remote: Remotely executed from any web browser...
ADVISORY: ASPDOTNETSTOREFRONT Improper Upload Validation
ASPDOTNETSTOREFRONT Improper Upload Validation Release Date: June 9, 2004 Severity: HIGH Vendor: AspDotNetStorefront.com A Division of Discovery Productions, Inc. Software: Tested on AspDotNetStorefront 3.3 Previous versions may also be affected. Remote: Remotely executed from any web browser...
AspDotNetStorefront 3.3 - ReturnURL Cross-Site Scripting
AspDotNetStorefront 3.3 - ReturnURL Cross-Site Scripting source: https://www.securityfocus.com/bid/10507/info AspDotNetStorefront is prone to a cross-site scripting vulnerability. This issue exists due to insufficient sanitization of user-supplied data. The problem presents itself in the...
AspDotNetStorefront 3.3 - 'ReturnURL' Cross-Site Scripting
source: https://www.securityfocus.com/bid/10507/info AspDotNetStorefront is prone to a cross-site scripting vulnerability. This issue exists due to insufficient sanitization of user-supplied data. The problem presents itself in the 'returnurl' parameter of the 'signin.aspx' script of the...