24 matches found
Openemr-4.1.0 - SQL Injection
Exploit Title: Openemr-4.1.0 SQL injection Vulnerability Date: 2011/10/18 Author: I2sec-dae jin Oh Software Link: http://sourceforge.net/projects/openemr/files/OpenEMR%20Current/4.1.0/openemr-4.1.0.zip/download Vendor : www.open-emr.com Version: Openemr-4.1.0 Tested on: Windows 7...
Openemr-4.1.0 SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Openemr-4.1.0 SQL injection Vulnerability Date: 2011/10/18 Author: I2sec-dae jin Oh Software Link: http://sourceforge.net/projects/openemr/files/OpenEMR%20Current/4.1.0/openemr-4.1.0.zip/download Vendor : www.open-emr.com Versio...
Cross site scripting
Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "positive model," which allows remote attackers to bypass certain protection mechanisms via a %0A encoded newline, as demonstrated by a %0A in a cross-site scripting XSS attack URL...
GOnicus System Administrator php injection
I. BACKGROUND The GOnicus System Administrator is a PHP based administration tool for managing accounts/systems in LDAP databases. Project homepage : http://www.gonicus.de II. DESCRIPTION A remote attacker can inject into GOsa arbitrary PHP code that executes under the privileges of the underlyin...