16 matches found
EUVD-2009-4510
Malware in sbrugna...
EUVD-2009-4509
Malware in sbrugna...
EUVD-2007-1135
Malware in sbrugna...
CVE-2009-4543
PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. dot dot sequences...
CVE-2009-4544
Cross-site scripting XSS vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
Cross site scripting
Cross-site scripting XSS vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATHINFO...
CVE-2009-4544
The CVE-2009-4544 issue affects Cromosoft Technologies Facil Helpdesk 2.3 Lite’s kbase/kbase.php, where a Cross-site Scripting (XSS) flaw allows remote attackers to inject arbitrary web script or HTML via PATH_INFO. The NVD records a MEDIUM severity (CVSS v2 base score 4.3) with network access an...
CVE-2009-4543
CVE-2009-4543 affects Cromosoft Technologies Facil Helpdesk 2.3 Lite. The issue is a PHP remote file inclusion in index.php via the lng parameter, which can also be triggered to include and execute local files through .. sequences. Documented impact is arbitrary PHP code execution with network ac...
Unrestricted file upload
Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP SPP allows remote attackers to upload arbitrary scripts via a filename with a double extension...
CVE-2007-1139
Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP SPP allows remote attackers to upload arbitrary scripts via a filename with a double extension...
CVE-2007-1139
Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP SPP allows remote attackers to upload arbitrary scripts via a filename with a double extension...
CVE-2007-1138
Absolute path traversal vulnerability in listmainpages.php in Cromosoft Simple Plantilla PHP SPP allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter...
CVE-2007-1138
CVE-2007-1138 affects Cromosoft Simple Plantilla PHP (SPP). A vulnerability in list_main_pages.php allows absolute path traversal via the nfolder parameter, enabling remote attackers to list arbitrary directories and read arbitrary files. The issue is rooted in an improper handling of absolute pa...
CVE-2007-1138
Absolute path traversal vulnerability in listmainpages.php in Cromosoft Simple Plantilla PHP SPP allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter...
CVE-2007-1139
Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP SPP allows remote attackers to upload arbitrary scripts via a filename with a double extension...
CVE-2007-1139
CVE-2007-1139 describes an unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP). The flaw allows remote attackers to upload arbitrary scripts by using a filename with a double extension, enabling potential code execution or defacement on the affected server. The NVD entr...