23 matches found
EUVD-2005-4388
Malware in sbrugna...
EUVD-2005-4387
Malware in sbrugna...
EUVD-2008-1979
Malware in sbrugna...
EUVD-2008-1978
Malware in sbrugna...
E-Publish 2.0 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15964/info E-Publish is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
CVE-2008-1980
Cross-site scripting XSS vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-1981
Cross-site request forgery CSRF vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to perform unauthorized actions as other users via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to perform unauthorized actions as other users via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-1981
Cross-site request forgery CSRF vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to perform unauthorized actions as other users via unspecified vectors...
CVE-2008-1981
CVE-2008-1981 is a CSRF vulnerability in the Drupal module E-Publish, affecting 5.x releases before 5.x-1.1 and 6.x releases before 6.x-1.0 beta1. The issue allows remote attackers to perform unauthorized actions as other users via unspecified vectors. The connected documents confirm the affected...
CVE-2008-1980
Cross-site scripting XSS vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-1980
CVE-2008-1980 describes a cross-site scripting (XSS) vulnerability in the Drupal module E-Publish . Affected are E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1 . The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The underlying cau...
SA-2008-029 - E-Publish - Cross site scripting and Cross site request forgeries
The contributed module E-Publish helps organize a group of nodes into a publication, such as a newspaper, magazine or newsletter. The Drupal Forms API protects against Cross Site Request Forgeries CSRF, where a malicious site can cause a user to unintentionally take actions on another site where...
CVE-2005-4393
Cross-site scripting XSS vulnerability in show.cfm in e-publish CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 obcatid and 2 comid parameters...
CVE-2005-4392
SQL injection vulnerability in printerfriendly.cfm in e-publish CMS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2005-4393
Cross-site scripting XSS vulnerability in show.cfm in e-publish CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 obcatid and 2 comid parameters...
CVE-2005-4392
SQL injection vulnerability in printerfriendly.cfm in e-publish CMS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2005-4393
CVE-2005-4393 describes a cross-site scripting (XSS) vulnerability in the show.cfm component of the e-publish CMS, version 2.0 and earlier. The underlying issue allows remote attackers to inject arbitrary web script or HTML by supplying the parameters (1) obcatid and (2) comid). Affected product:...
CVE-2005-4392
CVE-2005-4392 describes an SQL injection in printer_friendly.cfm of e-publish CMS 2.0 and earlier, enabling remote users to execute arbitrary SQL via the id parameter. The vulnerability is documented across NVD/NVD-derived records with a CVSS v2 base score of 7.5 (HIGH). Affected product: e-publi...