23 matches found
EUVD-2009-2146
Malware in sbrugna...
EUVD-2009-2145
Malware in sbrugna...
EUVD-2009-2144
Malware in sbrugna...
campus virtual-lms (xss/SQL Injection) Multiple Vulnerabilities
No description provided by source. +-----------------------------------------------------------------------------+ LMS: Campus Virtual-LMS WEB: http://campusvirtualcomputrade.cae.net Autor: Yasión Fecha: 12 jun 2009 +-----------------------------------------------------------------------------+...
CVE-2009-2150
Multiple cross-site request forgery CSRF vulnerabilities in Campus Virtual-LMS allow 1 remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a ...
CVE-2009-2149
Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...
CVE-2009-2148
SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-2150
Multiple cross-site request forgery CSRF vulnerabilities in Campus Virtual-LMS allow 1 remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a ...
CVE-2009-2149
Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...
Sql injection
SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Campus Virtual-LMS allow 1 remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a ...
CVE-2009-2149
The CVE-2009-2149 entry describes multiple cross-site scripting (XSS) vulnerabilities in Campus Virtual-LMS. Attackers can inject arbitrary web script or HTML via parameters in specific pages: (1) courseid on enrolments/step1.php and (2) search or (3) siteid on files/shared_list.php. The affected...
CVE-2009-2150
CVE-2009-2150 has concrete details: CSRF vulnerabilities in Campus Virtual-LMS. The issues enable remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and may also allow hijacking via ADD or DELETE actions to enrolments/step2...
CVE-2009-2148
CVE-2009-2148 refers to an SQL injection vulnerability in Campus Virtual-LMS, specifically in news/index.php, exploitable via the id parameter. The underlying issue allows remote attackers to execute arbitrary SQL commands and could lead to unauthorized access or data manipulation. Affected softw...
CVE-2009-2149
Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...
CVE-2009-2148
SQL injection vulnerability in news/index.php in Campus Virtual-LMS allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-2150
Multiple cross-site request forgery CSRF vulnerabilities in Campus Virtual-LMS allow 1 remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a ...
campus virtual-lms - Cross-Site Scripting SQL Injection
campus virtual-lms - Cross-Site Scripting SQL Injection +-----------------------------------------------------------------------------+ LMS: Campus Virtual-LMS WEB: http://campusvirtualcomputrade.cae.net Autor: Yasión Fecha: 12 jun 2009...
Campus Virtual-LMS (XSS/SQL Injection) Multiple Remote Vulnerabilities
No description provided by source. +-----------------------------------------------------------------------------+ LMS: Campus Virtual-LMS WEB: http://campusvirtualcomputrade.cae.net Autor: Yasión Fecha: 12 jun 2009 +-----------------------------------------------------------------------------+...