EUVD-2004-1800

Malware in sbrugna...

EUVD-2004-1799

Malware in sbrugna...

CVE-2004-1807

CVE-2004-1807 describes a cross-site scripting (XSS) vulnerability in CFWebstore 5.0’s index.cfm that allows remote attackers to inject arbitrary script or HTML via the URL. The issue affects CFWebstore 5.0, with the root cause per the records being a client-side/script injection vulnerability in...

CVE-2004-1806

SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to execute SQL commands via the 1 categoryid, 2 productid, or 3 featureid parameters...

CVE-2004-1806

CFWebStore CFWebStore 5.0.x is vulnerable to SQL injection in index.cfm via the parameters category_id, product_id, or feature_id. The root cause is unsafe SQL construction, enabling remote attackers to run arbitrary SQL and potentially gain administrative access on affected hosts. The assessment...

CVE-2004-1807

Cross-site scripting XSS vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2004-1806

SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to execute SQL commands via the 1 categoryid, 2 productid, or 3 featureid parameters...

CVE-2004-1807

Cross-site scripting XSS vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL...