13 matches found
EUVD-2005-4042
Malware in sbrugna...
EUVD-2005-3594
Malware in sbrugna...
EUVD-2005-4652
Malware in sbrugna...
IISWorks ASPKnowledgeBase 2.0 KB.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15734/info ASPKnowledgeBase is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
CVE-2005-4047
Cross-site scripting XSS vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter...
CVE-2005-4047
CVE-2005-4047 describes an XSS vulnerability in IISWorks ASPKnowledgeBase 2.0, affecting the kb.asp component. The flaw allows remote attackers to inject arbitrary web script or HTML via the a parameter. The available data does not specify affected versions beyond IISWorks KB 2.0, nor details on ...
CVE-2005-4047
Cross-site scripting XSS vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter...
IISWorks ASPKnowledgeBase 2.0 - 'KB.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15734/info ASPKnowledgeBase is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...
CVE-2005-3596
SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username and 2 password fields in adminlogin.asp...
CVE-2005-3596
SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username and 2 password fields in adminlogin.asp...
CVE-2005-3596
CVE-2005-3596 documents an SQL injection in ASPKnowledgebase, allowing remote attackers to bypass authentication and execute arbitrary SQL via the (1) username and (2) password fields in adminlogin.asp. The underlying issue is improper input handling in the login form, enabling manipulation of SQ...
ASPKnowledgebase vulnerable to SQL-inject
ASPKnowledgebase found at: http://www.asp-programmers.com/download-freeware.asp, does not properly sanitise it's admin logon fields. Therefore an SQL-inject will bypass the entire authentication process, giving you administrative rights. PoC of SQL could be 1'or'1'='1 on the admin logon page:...
ASPKnowledgebase vulnerable to XSS injection.
ASPKnowledgebase, by www.asp-programmers.com is vulnerable to XSS in some of it's input fields. If you compromise it's logon, to gain administrative privileges as my previous advisory describes - you can inject the admin form-fields with XSS. This will result in automatic execution of script when...