CVE-2014-4033

Cross-site scripting XSS vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname parameter to student.php...

EUVD-2015-4481

Malware in sbrugna...

EUVD-2009-3635

Malware in sbrugna...

EUVD-2012-4214

Malware in sbrugna...

EUVD-2012-4213

Malware in sbrugna...

EUVD-2010-1036

Malware in sbrugna...

EUVD-2015-1693

Malware in sbrugna...

EUVD-2013-6977

Malware in sbrugna...

EUVD-2008-6985

Malware in sbrugna...

EUVD-2015-4483

Malware in sbrugna...

EUVD-2012-1086

Malware in sbrugna...

EUVD-2012-6365

Malware in sbrugna...

EUVD-2019-14675

Malware in sbrugna...

EUVD-2015-4482

Malware in sbrugna...

EUVD-2014-3965

Malware in sbrugna...

EUVD-2010-1937

Malware in sbrugna...

EUVD-2019-14674

Malware in sbrugna...

CVE-2010-1918

SQL injection vulnerability in askchat.php in eFront 3.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the chatroomsID parameter...

CVE-2019-5070

An exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS, versions v5.2.12 and earlier. Specially crafted web request to login page can cause SQL injections, resulting in data compromise. An attacker can use a browser to trigger these vulnerabilities, and no...

CVE-2012-6515

eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers to obtain sensitive information via invalid coursesID parameter in the lessoninfo module to index.php, which reveals the installation path in an error message...