EUVD-2005-4362

Malware in sbrugna...

EUVD-2006-1434

Malware in sbrugna...

CONTROLzx HMS 3.3.4 shared_order.php sharedPlanID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

CONTROLzx HMS 3.3.4 server_management.php plan_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

CONTROLzx HMS 3.3.4 dedicated_order.php dedicatedPlanID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in CONTROLzx HMS formerly DRZES 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dedicatedPlanID parameter to dedicatedorder.php, 2 sharedPlanID parameter to sharedorder.php, 3 planid parameter to...

CVE-2006-1430

Multiple cross-site scripting XSS vulnerabilities in CONTROLzx HMS formerly DRZES 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dedicatedPlanID parameter to dedicatedorder.php, 2 sharedPlanID parameter to sharedorder.php, 3 planid parameter to...

CVE-2006-1430

CVE-2006-1430 affects CONTROLzx HMS (formerly DRZES) 3.3.4 and earlier. The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary script/HTML via specific user input fields: (1) dedicatedPlanID in dedicated_order.php, (2) sharedPla...

CVE-2006-1430

Multiple cross-site scripting XSS vulnerabilities in CONTROLzx HMS formerly DRZES 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dedicatedPlanID parameter to dedicatedorder.php, 2 sharedPlanID parameter to sharedorder.php, 3 planid parameter to...

CONTROLzx HMS - Hosting Management System vuln.

CONTROLzx HMS - Hosting Management System vuln. Vuln. discovered by : r0t Date: 27 march 2006 vendor:http://front.controlzx.com/ affected versions:V.3.3.4 and prior orginal advisory:http://pridels.blogspot.com/2006/03/controlzx-hms-hosting-management.html Vuln. description: CONTROLzx HMS contains...

CONTROLzx Hms 3.3.4 - 'dedicated_order.php?dedicatedPlanID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed...

CONTROLzx Hms 3.3.4 - 'shared_order.php?sharedPlanID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed...

CONTROLzx Hms 3.3.4 - dedicated_order.php?dedicatedPlanID Cross-Site Scripting

CONTROLzx Hms 3.3.4 - dedicatedorder.php?dedicatedPlanID Cross-Site Scripting source: https://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

CONTROLzx Hms 3.3.4 - shared_order.php?sharedPlanID Cross-Site Scripting

CONTROLzx Hms 3.3.4 - sharedorder.php?sharedPlanID Cross-Site Scripting source: https://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

CONTROLzx Hms 3.3.4 - 'server_management.php?plan_id' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed...

CONTROLzx Hms 3.3.4 - server_management.php?plan_id Cross-Site Scripting

CONTROLzx Hms 3.3.4 - servermanagement.php?planid Cross-Site Scripting source: https://www.securityfocus.com/bid/17282/info CONTROLzx HMS is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

CVE-2005-4367

Cross-site scripting XSS vulnerability in registerdomain.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the "Domain Availability" field. NOTE: this issue was later reported to affect CONTROLzx renamed from DRZES 3.3....

CVE-2005-4367

The CVE-2005-4367 entry describes an XSS in DRZES HMS 3.2 (and later CONTROLzx, renamed from DRZES, 3.3.4) via register_domain.php, likely through unspecified search parameters (potentially the Domain Availability field). Affected function is register_domain.php; root cause is improper handling/e...

CVE-2005-4367

Cross-site scripting XSS vulnerability in registerdomain.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the "Domain Availability" field. NOTE: this issue was later reported to affect CONTROLzx renamed from DRZES 3.3....