EUVD-2008-2836

Malware in sbrugna...

EUVD-2008-2835

Malware in sbrugna...

CVE-2008-2843

Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 ID parameter in an USUB action to default.asp and the 2 LicenceSpecialLicenseNumber aka LicenceId cookie to edit/default.asp...

Cross site scripting

Cross-site scripting XSS vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter...

CVE-2008-2842

Cross-site scripting XSS vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter...

Sql injection

Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 ID parameter in an USUB action to default.asp and the 2 LicenceSpecialLicenseNumber aka LicenceId cookie to edit/default.asp...

CVE-2008-2842

Cross-site scripting XSS vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter...

CVE-2008-2842

Cross-site scripting XSS vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter...

CVE-2008-2842

The CVE-2008-2842 entry describes a cross-site scripting (XSS) vulnerability in doITLive CMS versions 2.50 and earlier. The issue affects the edit/showmedia.asp path where the FILE parameter can be exploited to inject arbitrary web script or HTML. The provided documents do not specify affected ve...

CVE-2008-2843

Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 ID parameter in an USUB action to default.asp and the 2 LicenceSpecialLicenseNumber aka LicenceId cookie to edit/default.asp...

CVE-2008-2843

CVE-2008-2843 affects doITLive CMS 2.50 and earlier, with multiple SQL injection paths allowing remote attackers to execute arbitrary SQL via (1) the ID parameter in an USUB action to default.asp and (2) the Licence[SpecialLicenseNumber] cookie (LicenceId) to edit/default.asp. The available docum...

doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: doITlive CMS =2.50 SQL Injection/XSS Multiple Vulnerabilities Vendor: www.doitlive.com Vulnerable Version: 2.50 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory:...

doITlive CMS 2.50 - SQL Injection Cross-Site Scripting

doITlive CMS 2.50 - SQL Injection Cross-Site Scripting www.BugReport.ir AmnPardaz Security Research Team Title: doITlive CMS =2.50 SQL Injection/XSS Multiple Vulnerabilities Vendor: www.doitlive.com Vulnerable Version: 2.50 and prior versions Exploit: Available Impact: High Fix: N/A Original...

doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ================================================================= doITlive CMS = 2.50 SQL Injection/XSS Multiple Vulnerabilities ================================================================= AmnPardaz Security Research Team Title:...

doITlive CMS &lt;= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: doITlive CMS =2.50 SQL Injection/XSS Multiple Vulnerabilities Vendor: www.doitlive.com Vulnerable Version: 2.50 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory:...

doitlivecms-sqlxss.txt

www.BugReport.ir AmnPardaz Security Research Team Title: doITlive CMS =2.50 SQL Injection/XSS Multiple Vulnerabilities Vendor: www.doitlive.com Vulnerable Version: 2.50 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/43 1. Description: User friend...

doITlive CMS 2.50 - SQL Injection / Cross-Site Scripting

www.BugReport.ir AmnPardaz Security Research Team Title: doITlive CMS =2.50 SQL Injection/XSS Multiple Vulnerabilities Vendor: www.doitlive.com Vulnerable Version: 2.50 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/43 1. Description: User friend...