13 matches found
EUVD-2005-4378
Malware in sbrugna...
EUVD-2005-4377
Malware in sbrugna...
EUVD-2005-4379
Malware in sbrugna...
CVE-2005-4383
Cross-site scripting XSS vulnerability in index.cfm in CitySoft Community Enterprise 4.x allows remote attackers to inject arbitrary web script or HTML via the 1 presentationSite, 2 docPublishYear, 3 docDescription, 4 publishState, 5 docAuthor, 6 docTitle, 7 subTopic, 8 topic, 9 topicRadio, 10...
CVE-2005-4384
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid 1 fuseaction parameter to index.cfm and 2 documentid parameter to document/docWindow.cfm...
CVE-2005-4382
SQL injection vulnerability in CitySoft Community Enterprise 4.x allows remote attackers to execute arbitrary SQL commands via the 1 nodeID, 2 pageID, 3 ID, and 4 parentid parameter to index.cfm; and 5 documentFormatId parameter to document/docWindow.cfm...
CVE-2005-4382
The CVE-2005-4382 entry describes an SQL injection vulnerability in CitySoft Community Enterprise 4.x. The vulnerability allows remote attackers to execute arbitrary SQL commands by supplying crafted values for (1) nodeID, (2) pageID, (3) ID, (4) parentid parameters to index.cfm and (5) documentF...
CVE-2005-4384
CVE-2005-4384 affects CitySoft Community Enterprise 4.x. The vulnerability enables remote attackers to disclose the server’s full path via invalid parameters: (1) fuseaction in index.cfm and (2) documentid in document/docWindow.cfm. The connected documents provide this concrete detail; no vendor/...
CVE-2005-4384
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid 1 fuseaction parameter to index.cfm and 2 documentid parameter to document/docWindow.cfm...
CVE-2005-4382
SQL injection vulnerability in CitySoft Community Enterprise 4.x allows remote attackers to execute arbitrary SQL commands via the 1 nodeID, 2 pageID, 3 ID, and 4 parentid parameter to index.cfm; and 5 documentFormatId parameter to document/docWindow.cfm...
CVE-2005-4383
Cross-site scripting XSS vulnerability in index.cfm in CitySoft Community Enterprise 4.x allows remote attackers to inject arbitrary web script or HTML via the 1 presentationSite, 2 docPublishYear, 3 docDescription, 4 publishState, 5 docAuthor, 6 docTitle, 7 subTopic, 8 topic, 9 topicRadio, 10...
CVE-2005-4383
CVE-2005-4383 describes a cross-site scripting (XSS) vulnerability in CitySoft Community Enterprise 4.x, specifically in index.cfm. The vulnerability arises via multiple parameters (presentationSite, docPublishYear, docDescription, publishState, docAuthor, docTitle, subTopic, topic, topicRadio, t...
Community Enterprise 4.x Multiple vuln.
Community Enterprise 4.x Multiple vuln. Vuln. discovered by : r0t Date: 17 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/community-enterprise-4x-multiple-vuln.html vendor:http://www.citysoft.com/ affected version: 4.x and prior Product Description: CitySoft's Community Enterprise...