4 matches found
Sql injection
Multiple SQL injection vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the 1 GrdBk parameter to GradebookOptions.asp and the 2 SchlCode variable to loginproc.asp, a different...
CVE-2008-1548
Multiple cross-site scripting XSS vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to inject arbitrary web script or HTML via the 1 UserName parameter to loginproc.asp and the 2 usr parameter to Login.asp...
CVE-2008-1549
Multiple SQL injection vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the 1 GrdBk parameter to GradebookOptions.asp and the 2 SchlCode variable to loginproc.asp, a different...
CVE-2008-1548
CVE-2008-1548 describes multiple XSS vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 within Eagle Software’s Aries Student Information System. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the UserName parameter to loginproc.asp and (2) the usr parame...