24 matches found
EUVD-2006-5928
Malware in sbrugna...
EUVD-2006-5995
Malware in sbrugna...
Car Site Manager csm/asp/detail.asp p Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to stea...
Car Site Manager Database Disclosure
======================================================================================== | Title : Car Site Manager Asp Backup Dump Vulnerability | Author : indoushka | Home : http://dl.p30vel.ir/scripts/carsitemanageraspnuledscripts.zip | Bug : Backup ====================== Exploit By indoushka...
CVE-2006-6012
Cross-site scripting XSS vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager CSM allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-6012
Cross-site scripting XSS vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager CSM allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-6012
The CVE-2006-6012 entry describes a Cross-site scripting (XSS) vulnerability in MGinternet Car Site Manager (CSM), specifically in the file path csm/asp/listings.asp, exploitable via the p parameter. The affected component is the CSM web application; the underlying cause is improper handling of i...
CVE-2006-5945
Multiple SQL injection vulnerabilities in MGinternet Car Site Manager CSM allow remote attackers to execute arbitrary SQL commands via the 1 p parameter to a csm/asp/detail.asp, or the 2 l, 3 typ, or 4 loc parameter to b csm/asp/listings.asp...
CVE-2006-5944
Cross-site scripting XSS vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager CSM allows remote attackers to inject arbitrary web script or HTML via the s parameter...
CVE-2006-5944
Cross-site scripting XSS vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager CSM allows remote attackers to inject arbitrary web script or HTML via the s parameter...
PT-2006-6609 · Mginternet · Mginternet Car Site Manager
Name of the Vulnerable Software and Affected Versions: MGinternet Car Site Manager CSM affected versions not specified Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the s parameter in the /csm/asp/listings.asp API...
EUVD-2006-5927
Cross-site scripting XSS vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager CSM allows remote attackers to inject arbitrary web script or HTML via the s parameter...
CVE-2006-5945
Multiple SQL injection vulnerabilities in MGinternet Car Site Manager CSM allow remote attackers to execute arbitrary SQL commands via the 1 p parameter to a csm/asp/detail.asp, or the 2 l, 3 typ, or 4 loc parameter to b csm/asp/listings.asp...
PT-2006-6610 · Mginternet · Mginternet Car Site Manager
Name of the Vulnerable Software and Affected Versions: MGinternet Car Site Manager CSM affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the p parameter to the "/csm/asp/detail.asp" API endpoint, or the l, ty...
CVE-2006-5944
MGinternet Car Site Manager (CSM) is affected by an XSS vulnerability in csm/asp/listings.asp via the s parameter. The issue is documented across multiple sources identifying a cross-site scripting flaw in the API endpoint /csm/asp/listings.asp, which could allow remote attackers to inject arbitr...
CVE-2006-5945
The CVE-2006-5945 entry details multiple SQL injection flaws in MGinternet Car Site Manager (CSM). The vulnerability enables remote execution of arbitrary SQL commands via the p parameter to csm/asp/detail.asp and via the l, typ, or loc parameters to csm/asp/listings.asp. Connected sources corrob...
Car Site Manager [injection sql & xss (get)]
Car Site Manager injection sql & xss get vendor site:http://www.mginternet.com/ product:Car Site Manager bug:injection sql risk:medium injection sql : http://site.com/csm/asp/detail.asp?l=&p='sql http://site.com/csm/asp/listings.asp?l='sql http://site.com/csm/asp/listings.asp?s=search&typ='sql...
carsite.txt
Car Site Manager injection sql & xss get vendor site:http://www.mginternet.com/ product:Car Site Manager bug:injection sql risk:medium injection sql : http://site.com/csm/asp/detail.asp?l=&p='sql http://site.com/csm/asp/listings.asp?l='sql http://site.com/csm/asp/listings.asp?s=search&typ='sql...
Car Site Manager - csmasplistings.asp Multiple Cross-Site Scripting Vulnerabilities
Car Site Manager - csmasplistings.asp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data...
Car Site Manager - csmasplistings.asp Multiple SQL Injections
Car Site Manager - csmasplistings.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/21066/info Car Site Manager is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues cou...