32 matches found
EUVD-2010-4877
Malware in sbrugna...
EUVD-2010-4874
Malware in sbrugna...
EUVD-2010-4879
Malware in sbrugna...
EUVD-2010-4880
Malware in sbrugna...
ColdBookmarks 1.22 SQL Injection Vulnerability
No description provided by source. ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC http://target/path/index.cfm?fuseaction=EditBookmark&BookmarkID=SQLi&CFID=XXXXXX&CFTOKEN=XXXXXXXX...
ColdOfficeView 2.04 Multiple Blind SQL Injection Vulnerabilities
No description provided by source. ColdGen - coldofficeview v2.04 Remote Blind SQL Injection vulnerabilities Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC's 1. http://target/path/index.cfm?fuseaction=ViewEventDetails&EventID=Blind SQLi...
ColdGen ColdUserGroup Cross-Site Scripting and SQL Injection Vulnerabilities
ColdGen ColdUserGroup is prone to cross site scripting and SQL injection vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2010-4916
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the 1 ArticleID or 2 LibraryID parameter...
CVE-2010-4915
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action...
CVE-2010-4913
Cross-site scripting XSS vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-4910
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action...
Sql injection
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the 1 ArticleID or 2 LibraryID parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action...
Sql injection
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action...
CVE-2010-4915
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action...
CVE-2010-4916
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the 1 ArticleID or 2 LibraryID parameter...
CVE-2010-4913
Cross-site scripting XSS vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-4916
CVE-2010-4916 affects ColdGen ColdUserGroup 1.06. The vulnerability is a SQL injection in ColdGen ColdUserGroup’s index.cfm, exploitable via the ArticleID or LibraryID parameter to allow remote execution of arbitrary SQL commands. Exploitation specifics, affected versions beyond 1.06, and remedia...
CVE-2010-4913
The OpenVAS entry confirms that ColdGen ColdUserGroup is prone to both Cross-Site Scripting (XSS) and SQL Injection vulnerabilities. The CVE-2010-4913 entry describes an XSS flaw in the search feature of ColdGen ColdUserGroup 1.06, exploitable via the Keywords parameter to inject arbitrary script...