22 matches found
EUVD-2008-3330
Malware in sbrugna...
EUVD-2008-3329
Malware in sbrugna...
EasyPublish 3.0 'read' Parameter Multiple SQL Injection and Cross-Site Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30307/info EasyPublish is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site scripting vulnerabilities...
XSS vulnerability in EasyPublish CMS
Vulnerability ID: HTB22358 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinadvancedpoll.html Product: Advanced Poll Vendor: Chi Kien Uong Vulnerable Version: 2.08 and Probably Prior Versions Vendor Notification: 23 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not...
XSS vulnerability in EasyPublish CMS
Vulnerability ID: HTB22356 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityineasypublishcms.html Product: EasyPublish CMS Vendor: Escio AS Vulnerable Version: Current at 23.04.2010 and Probably Prior Versions Vendor Notification: 23 April 2010 Vulnerability Type: XSS Cross Site Scripti...
EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting
EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting source: https://www.securityfocus.com/bid/40037/info EasyPublish CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...
EasyPublish CMS Cross Site Scripting
Vulnerability ID: HTB22356 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityineasypublishcms.html Product: EasyPublish CMS Vendor: Escio AS Vulnerable Version: Current at 23.04.2010 and Probably Prior Versions Vendor Notification: 23 April 2010 Vulnerability Type: XSS Cross Site Scripti...
EasyPublish CMS 23.04.2010 - URI Cross-Site Scripting
source: https://www.securityfocus.com/bid/40037/info EasyPublish CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
XSS in EasyPublish CMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in EasyPublish CMS which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in EasyPublish CMS Input passed via the URL to /index.php is not properly sanitized before being...
Easy Publish 3.0 Cross Site Scripting
-----------------------------I AM MUSLIM !!------------------------------ ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
CVE-2008-3343
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr trial edition allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action...
CVE-2008-3342
Cross-site scripting XSS vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edpNews action...
Sql injection
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr trial edition allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action...
Cross site scripting
Cross-site scripting XSS vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edpNews action...
CVE-2008-3342
CVE-2008-3342: XSS vulnerability in MyioSoft EasyPublish 3.0tr. Affected component: staticpages/easypublish/index.php, vulnerable via the read parameter in the edp_News action. This could allow remote attackers to inject arbitrary web script or HTML into victims’ browsers. No exploitation details...
CVE-2008-3343
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr trial edition allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action...
CVE-2008-3343
CVE-2008-3343 is a SQL injection vulnerability affecting MyioSoft EasyPublish 3.0tr (trial edition). The flaw is in staticpages/easypublish/index.php where the read parameter in a search action is used unsafely, allowing remote attackers to execute arbitrary SQL commands. Base score 7.5 (HIGH) vi...
CVE-2008-3342
Cross-site scripting XSS vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edpNews action...
EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit )
!/usr/bin/perl ---------------------------------------------------------------- Script : EasyPublish 3.0tr Type : Multiple Vulnerabilities Xss / Sql Injection Exploit / File Disclosure Exploit Variable Method : GET Alert : High ----------------------------------------------------------------...
EasyPublish 3.0 - 'read' Multiple SQL Injections / Cross-Site Scripting
source: https://www.securityfocus.com/bid/30307/info EasyPublish is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection and cross-site scripting vulnerabilities. Exploiting these issues could allow an...