6 matches found
EUVD-2007-2006
Malware in sbrugna...
CVE-2007-2011
Cross-site scripting XSS vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter...
CVE-2007-2011
CVE-2007-2011 is a Cross-site Scripting (XSS) vulnerability affecting DeskPro 2.0.1, exploitable via the username parameter in login.php. The issue is documented across multiple sources (NVD/NVD-derived entries, CVE lists, and related advisories) with a CVSS v2 base score of 4.3 (Medium) indicati...
DeskPro 2.0.1 - login.php HTML Injection
DeskPro 2.0.1 - login.php HTML Injection source: https://www.securityfocus.com/bid/23381/info DeskPRO is prone to an HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context o...
DeskPro 2.0.1 - 'login.php' HTML Injection
source: https://www.securityfocus.com/bid/23381/info DeskPRO is prone to an HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing...
CVE-2006-6159
CVE-2006-6159 describes multiple cross-site scripting (XSS) vulnerabilities in DeskPRO 2.0.0 and 2.0.1, exploitable via the message or subject parameters in newticket.php. The underlying issue is that remote attackers can inject arbitrary web script or HTML. The CVSS basis is 6.8 (Medium), with n...