12 matches found
EUVD-2010-2722
Malware in sbrugna...
CruxPA 'txtusername' and 'todo' Cross Site Scripting Vulnerability
CruxPA is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cruxsoftware:cruxpa"...
CruxSoftware Products Version Detection
This script finds the running CruxSoftware Products version. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-2718
Multiple cross-site scripting XSS vulnerabilities in CruxSoftware CruxPA 2.00, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 txtusername parameter to login.php, 2 todo parameter to newtodo.php, and unspecified vectors to 3 newtelephone.php and 4...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in CruxSoftware CruxPA 2.00, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 txtusername parameter to login.php, 2 todo parameter to newtodo.php, and unspecified vectors to 3 newtelephone.php and 4...
CVE-2010-2718
CruxPA 2.00 (CruxSoftware) is affected by CVE-2010-2718 due to input sanitation failures that enable cross-site scripting. The vulnerabilities are triggered via: (1) txtusername in login.php, (2) todo in newtodo.php, and unspecified vectors in (3) newtelephone.php and (4) newappointment.php. Open...
XSS vulnerability in CruxPA
Vulnerability ID: HTB22452 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincruxpa3.html Product: CruxPA Vendor: CruxSoftware Vulnerable Version: 2.00 and Probably Prior Versions Vendor Notification: 21 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
XSS vulnerability in CruxPA
Vulnerability ID: HTB22450 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincruxpa1.html Product: CruxPA Vendor: CruxSoftware Vulnerable Version: 2.00 and Probably Prior Versions Vendor Notification: 21 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
XSS vulnerability in CruxPA
Vulnerability ID: HTB22451 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincruxpa2.html Product: CruxPA Vendor: CruxSoftware Vulnerable Version: 2.00 and Probably Prior Versions Vendor Notification: 21 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
XSS vulnerability in CruxPA
Vulnerability ID: HTB22449 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincruxpa.html Product: CruxPA Vendor: CruxSoftware Vulnerable Version: 2.00 and Probably Prior Versions Vendor Notification: 21 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor...
CruxPA 2.00 Cross Site Scripting
================================================ Vulnerability ID: HTB22452 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincruxpa3.html Product: CruxPA Vendor: CruxSoftware Vulnerable Version: 2.00 and Probably Prior Versions Vendor Notification: 21 June 2010 Vulnerability Type: XSS...
Cross-site Scripting (XSS) Vulnerabilities in CruxPA
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxPA which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in CruxPA: CVE-2010-2718 The vulnerability exists due to input sanitation err...