EUVD-2008-6476

Malware in sbrugna...

CVE-2008-6509

SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp...

CVE-2008-6509

SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp...

CVE-2008-6509

CVE-2008-6509 concerns Openfire (Jive Software) Openfire server. It is an SQL injection in the SIP plugin’s sipark-log-summary.jsp where the unsanitized input for the type parameter is used to build SQL statements. A remote attacker could execute arbitrary SQL via the type parameter, potentially ...

Openfire Server 3.6.0a - Authentication Bypass SQL Injection Cross-Site Scripting

Openfire Server 3.6.0a - Authentication Bypass SQL Injection Cross-Site Scripting Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de...

Openfire Server 3.6.0a - Authentication Bypass / SQL Injection / Cross-Site Scripting

Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de Affected Software: Openfire Server = 3.6.0a Remotely Exploitable: Yes Risk:...

AKADV2008-001-v1.0.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de Affected Software: Openfire Serve...