8 matches found
EUVD-2002-0950
Malware in sbrugna...
EUVD-2002-0949
Malware in sbrugna...
Voxel Dot Net CBMS 0.x Multiple Code Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/4957/info It has been reported that multiple vulnerabilities exist in CBMS. Reportedly, it is possible to inject both JavaScript and SQL code into the system. It may be possible to execute script code within the context o...
CVE-2002-0961
Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection attack...
CVE-2002-0960
Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users...
CVE-2002-0960
CVE-2002-0960 describes multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier . The flaws allow remote attackers to execute arbitrary script in the context of other CBMS users, implying user-session impact and potential credential exposure via manipulated inputs. The...
CVE-2002-0961
The CVE-2002-0961 entry concerns Voxel Dot Net CBMS 0.7 and earlier. Affected software: Voxel Dot Net CBMS (0.7 and earlier). Vulnerability: remote attackers may perform unauthorized operations as other users, for example deleting clients via dltclnt.php, with potential SQL injection in play. Roo...
CBMS: XSS and SQL Injection holes
CBMS: XSS and SQL Injection holes PROGRAM: CBMS VENDOR: Voxel Dot Net, Inc. [email protected] HOMEPAGE: http://www.voxel.net/projects/cbms/ VULNERABLE VERSIONS: 0.7 and possibly earlier versions as well LOGIN REQUIRED: yes SEVERITY: high VERSION OF THIS ADVISORY: 1.1 DESCRIPTION: "The CBMS is a full...