32 matches found
EUVD-2010-4874
Malware in sbrugna...
EUVD-2010-4879
Malware in sbrugna...
EUVD-2010-4877
Malware in sbrugna...
EUVD-2010-4880
Malware in sbrugna...
ColdBookmarks 1.22 SQL Injection Vulnerability
No description provided by source. ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC http://target/path/index.cfm?fuseaction=EditBookmark&BookmarkID=SQLi&CFID=XXXXXX&CFTOKEN=XXXXXXXX...
ColdOfficeView 2.04 Multiple Blind SQL Injection Vulnerabilities
No description provided by source. ColdGen - coldofficeview v2.04 Remote Blind SQL Injection vulnerabilities Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC's 1. http://target/path/index.cfm?fuseaction=ViewEventDetails&EventID=Blind SQLi...
ColdGen ColdUserGroup Cross-Site Scripting and SQL Injection Vulnerabilities
ColdGen ColdUserGroup is prone to cross site scripting and SQL injection vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2010-4916
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the 1 ArticleID or 2 LibraryID parameter...
CVE-2010-4913
Cross-site scripting XSS vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-4915
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action...
CVE-2010-4910
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action...
Sql injection
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the 1 ArticleID or 2 LibraryID parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action...
Sql injection
SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action...
CVE-2010-4916
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the 1 ArticleID or 2 LibraryID parameter...
CVE-2010-4913
Cross-site scripting XSS vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-4916
CVE-2010-4916 affects ColdGen ColdUserGroup 1.06. The vulnerability is a SQL injection in ColdGen ColdUserGroup’s index.cfm, exploitable via the ArticleID or LibraryID parameter to allow remote execution of arbitrary SQL commands. Exploitation specifics, affected versions beyond 1.06, and remedia...
CVE-2010-4910
.Product: ColdGen ColdCalendar 2.06. Vulnerability: SQL injection in the index.cfm handling ViewEventDetails with the EventID parameter, allowing remote execution of arbitrary SQL commands. Root cause: Improper input handling leading to SQLi. Impact: potential data exposure/modification, dependin...
CVE-2010-4915
CVE-2010-4915 affects ColdGen ColdBookmarks 1.22, with a vulnerability in the index.cfm function where the BookmarkID parameter in an EditBookmark action enables SQL injection, allowing remote attackers to execute arbitrary SQL commands. The issue is tied to improper handling of the BookmarkID in...