7 matches found
CVE-2008-5934
SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the idsezione parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the strcerca parameter aka the input field for the cerca action or 2 the idoggetto parameter. NOTE: some of these details are obtained from third par...
Sql injection
SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the idsezione parameter...
CVE-2008-5934
SQL injection vulnerability in index.php in CMS ISWEB 3.0 allows remote attackers to execute arbitrary SQL commands via the idsezione parameter...
CVE-2008-5934
CVE-2008-5934 describes a SQL injection vulnerability in the CMS ISWEB 3.0, specifically in the file index.php, where the parameter id_sezione can be manipulated to cause arbitrary SQL commands to be executed by an attacker. The vulnerability is exploitable remotely and can affect the confidentia...
CVE-2008-5933
The CVE-2008-5933 entry documents multiple cross-site scripting (XSS) flaws in CMS ISWEB 3.0, specifically in index.php where the strcerca and id_oggetto parameters can be used to inject arbitrary web script or HTML. The vulnerability arises from unsafely handling these inputs, enabling an attack...
CVE-2008-5933
Multiple cross-site scripting XSS vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the strcerca parameter aka the input field for the cerca action or 2 the idoggetto parameter. NOTE: some of these details are obtained from third par...