EUVD-2005-2987

Malware in sbrugna...

Digital Scribe 1.4.1 - Multiple SQL Injection Vulnerabilities

No description provided by source. Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Da...

Digital Scribe 1.4 Login SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14843/info Digital Scribe is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation cou...

Digital Scribe 1.x Error Function Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8551/info A problem has been reported in the checking of input by Digital Scribe, potentially allow for cross-site scripting attacks. Because of this, it may be possible for an attacker to steal cookie authentication...

Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities

No description provided by source. !-- Digital Scribe 1.5 registerform Multiple POST XSS Vulnerabilities Vendor: Digital Scribe Product web page: http://www.digital-scribe.org Affected version: 1.5 Summary: The Digital Scribe is a free, intuitive system designed to help teachers put student work...

Digital Scribe 1.5 Cross Site Request Forgery

Digital Scribe v1.5 CSRF Vulnerability Author : Muhammet Cagri Tepebasili Date : 11.11.2011 Script Homepage and Download : http://www.digital-scribe.org/ Version : 1.5 Tested on : Linux Mint 11 Exploit : New Password: New E-mail: Greetz : Eymen Sen and Cafer K.Sezer...

Digital Scribe v1.5 CSRF Vulnerability

Exploit for php platform in category web applications Digital Scribe v1.5 CSRF Vulnerability Author : Muhammet Cagri Tepebasili Date : 11.11.2011 Script Homepage and Download : http://www.digital-scribe.org/ Version : 1.5 Tested on : Linux Mint 11 Exploit : New Password: New E-mail: Greetz : Eyme...

Digital Scribe 1.5 Cross Site Scripting

25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INPUT TYPE=TEXT NAME=e...

Digital Scribe 1.5 - register_form()' Multiple POST Cross-Site Scripting Vulnerabilities

25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INPUT TYPE=TEXT NAME=email SIZE=34 VALUE=?php echo $POS...

Digital Scribe 1.5 - register_form() Multiple POST Cross-Site Scripting Vulnerabilities

Digital Scribe 1.5 - registerform Multiple POST Cross-Site Scripting Vulnerabilities 25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:INP...

Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities

Exploit for php platform in category web applications 25: 26: 27: Title:" SIZE=4 Mr., Mrs., etc 28: 29: Last Name:" 30: Password: 31: 32: Password Again: 33: 34: E-Mail:t...

Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities

Summary The Digital Scribe is a free, intuitive system designed to help teachers put student work and homework assignments online. Description Digital Scribe suffers from multiple POST XSS vulnerabilities. Input thru the POST parameters 'title', 'last' and 'email' in register.php is not sanitized...

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X. INDEX I. ABOUT THE...

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities

No description provided by source. Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X. INDEX I. ABOUT THE APPLICATION II...

Digital Scribe 1.4.1 SQL Injection

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X. INDEX I. ABOUT THE...

Digital Scribe 1.4.1 - Multiple SQL Injections

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2009-12-11 X. INDEX I. ABOUT THE...

Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities =========================================================== Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities...

Digital Scribe 1.4.1 - Multiple SQL Injections

Digital Scribe 1.4.1 - Multiple SQL Injections Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities Name Digital Scribe Vendor http://www.digital-scribe.org Versions Affected 1.4.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmai...

Digital Scribe login.php SQL Injection flaw

The version of Digital Scribe installed on the remote host is prone to SQL injection attacks through the SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Digital Scribe login.php SQL Injection flaw

The remote web server contains a PHP script which is vulnerable to a SQL injection. Description : The remote web server hosts Digital Scribe, a student-teacher set of scripts written in PHP. The version of Digital Scribe installed on the remote host is prone to SQL injection attacks through the...