6 matches found
EasyBookMarker 4.0 'ajaxp_backend.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30304/info EasyBookMarker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in th...
CVE-2008-5655
Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the 1 deletefolder and 2 deletelink parameters to unspecified vectors, possibly to a plugins/bookmarker/bookmarkerbackend.php or b ajaxp.php, different vectors than...
Sql injection
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. NOTE: some of these details are obtained from third party information...
CVE-2008-5652
The CVE-2008-5652 entry concerns MyioSoft EasyBookMarker 4.0. Affected component: loginADP function in ajaxp.php. Root cause: SQL injection via the rsargs parameter, reachable through the username parameter, enabling remote SQL command execution. Exploit details in sources are provided, but expli...
CVE-2008-5655
Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the 1 deletefolder and 2 deletelink parameters to unspecified vectors, possibly to a plugins/bookmarker/bookmarkerbackend.php or b ajaxp.php, different vectors than...
CVE-2008-5651
Product/affected software: MyioSoft EasyBookMarker 4.0 (plugin: bookmarks/backend). Vulnerability: SQL injection in bookmarks_backend.php via the Parent parameter, enabling remote SQL execution. Root cause/impact: Improper input handling allows arbitrary SQL commands; CVSS v2 base score 7.5 (HIGH...