44 matches found
EUVD-2008-3826
Malware in sbrugna...
EUVD-2008-1192
Malware in sbrugna...
EUVD-2004-2347
Malware in sbrugna...
EUVD-2008-0855
Malware in sbrugna...
EUVD-2008-3831
Malware in sbrugna...
EUVD-2008-3496
Malware in sbrugna...
Crafty Syntax Live Help 2.9.9 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20711/info Crafty Syntax Live Help is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
Crafty Syntax Live Help <= 2.14.6 (department) SQL Injection Vuln
No description provided by source. Crafty Syntax Live Help = 2.14.6 SQL Injection August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online...
Crafty Syntax Live Help 2.14.6 'livehelp_js.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30543/info Crafty Syntax Live Help CSLH is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script...
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion Full Path Disclosure source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input...
Crafty Syntax Live Help RFI / Path Disclosure
Exploit Title : Crafty Syntax Live Help = 2.. & 3.. RFI + Path Disclosure Date : 4/19/2013 Author : ITTIHACK Home : http://ittihack.com Vendor : http://www.craftysyntax.com Download : http://www.craftysyntax.com/craftysyntax3.4.1.zip Version : 2. and 3. , All versions Category : webapps Google do...
Crafty Syntax Live Help 3.1.2 - Remote File Inclusion / Full Path Disclosure
source: https://www.securityfocus.com/bid/59322/info Crafty Syntax Live Help is prone to a remote file-include vulnerability and a path-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to obtain sensitive...
CVE-2008-3845
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help CSLH 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to 1 isxmlhttp.php and 2 isflush.php...
Sql injection
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help CSLH 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to 1 isxmlhttp.php and 2 isflush.php...
CVE-2008-3845
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help CSLH 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to 1 isxmlhttp.php and 2 isflush.php...
CVE-2008-3845
Crafty Syntax Live Help (CSLH) prior to version 2.14.6 contains multiple SQL injection vulnerabilities in the server-side logic handling the department parameter for is_xmlhttp.php and is_flush.php. The underlying issue is unsafely constructed SQL queries that allow remote attackers to alter data...
CVE-2008-3840
Crafty Syntax Live Help CSLH 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...
CVE-2008-3840
The CVE-2008-3840 entry concerns Crafty Syntax Live Help (CSLH) 2.14.6 and earlier, where passwords are stored in cleartext in a MySQL database. The root cause is insecure password storage in plaintext, enabling an attacker with context access to obtain sensitive information from the database. Th...
CVE-2008-3840
Crafty Syntax Live Help CSLH 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...
crafty-sql.txt
GulfTech Security Research August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online support system written in php that allows the visitors of ...