33 matches found
EUVD-2010-4817
Malware in sbrugna...
EUVD-2010-4816
Malware in sbrugna...
eclime 1.1 - Bypass / Create and Download Backup Vulnerability
No description provided by source...
Eclime 1.1.2b Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22705 Reference: http://www.htbridge.ch/advisory/sqlinjectionineclime1.html Product: Eclime Vendor: www.eclime.com http://www.eclime.com/ Vulnerable Version: 1.1.2b Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection...
Eclime Multiple SQL Injection and Cross-site Scripting Vulnerabilities
This host is running Eclime and is prone to multiple cross site scripting and SQL injection vulnerabilities. OpenVAS Vulnerability Test $Id: gbeclimemultsqlinjnxssvuln.nasl 5793 2017-03-30 13:40:15Z cfi $ Eclime Multiple SQL Injection and Cross-site Scripting Vulnerabilities Authors: Antu Sanadi...
Eclime Multiple SQL Injection and Cross-site Scripting Vulnerabilities
Eclime is prone to multiple cross site scripting and SQL injection vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
CVE-2010-4851
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the 1 ref or 2 pollid parameter to index.php, or the 3 country parameter to createaccount.php...
CVE-2010-4852
Cross-site scripting XSS vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action...
Cross site scripting
Cross-site scripting XSS vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action...
Sql injection
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the 1 ref or 2 pollid parameter to index.php, or the 3 country parameter to createaccount.php...
CVE-2010-4852
CVE-2010-4852 affects Eclime 1.1.2b, where login.php’s reason parameter is vulnerable to cross-site scripting (XSS) due to insufficient input sanitization. Exploitation could cause arbitrary script/HTML execution in a user’s browser. Concrete details across connected records confirm the vulnerabl...
CVE-2010-4851
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the 1 ref or 2 pollid parameter to index.php, or the 3 country parameter to createaccount.php...
CVE-2010-4852
Cross-site scripting XSS vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action...
CVE-2010-4851
CVE-2010-4851 affects Eclime 1.1.2b. The OpenVAS/NVD entries document multiple SQL injection vulnerabilities in the web app, exploitable via (1) ref and (2) poll_id parameters to index.php and (3) country parameter to create_account.php. Attacks can lead to arbitrary SQL execution and exposure of...
eClime eCommerce JE 1.0.6b - SQL Injection Vulnerabilities
Document Title: =============== eClime eCommerce JE 1.0.6b - SQL Injection Vulnerabilities Release Date: ============= 2011-07-13 Vulnerability Laboratory ID VL-ID: ==================================== 82 Product & Service Introduction: =============================== eclime is a very powerful...
eClime eCommerce JE 1.0.6b - SQL Injection Vulnerabilities
Document Title: =============== eClime eCommerce JE 1.0.6b - SQL Injection Vulnerabilities Release Date: ============= 2011-07-13 Vulnerability Laboratory ID VL-ID: ==================================== 82 Product & Service Introduction: =============================== eclime is a very powerful...
eclime index.php ref Parameter SQL Injection
The version of eclime hosted on the remote web server fails to sanitize input to the 'ref' parameter of the 'index.php' script before using it in a database query. Regardless of PHP's 'magicquotesgpc' setting, an unauthenticated remote attacker can leverage this issue to manipulate SQL queries an...
SQL Injection in Eclime
Vulnerability ID: HTB22707 Reference: http://www.htbridge.ch/advisory/sqlinjectionineclime2.html Product: Eclime Vendor: www.eclime.com http://www.eclime.com/ Vulnerable Version: 1.1.2b Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted,...
SQL Injection in Eclime
Vulnerability ID: HTB22705 Reference: http://www.htbridge.ch/advisory/sqlinjectionineclime1.html Product: Eclime Vendor: www.eclime.com http://www.eclime.com/ Vulnerable Version: 1.1.2b Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted,...
SQL Injection in Eclime
Vulnerability ID: HTB22704 Reference: http://www.htbridge.ch/advisory/sqlinjectionineclime.html Product: Eclime Vendor: www.eclime.com http://www.eclime.com/ Vulnerable Version: 1.1.2b Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted,...