XSS Vulnerabilities in eFront

Information --------------------------------- Name : XSS Vulnerabilities in eFront Software : eFront 3.6.10 build 11944 and possibly below. Vendor Homepage : http://efrontlearning.net/ Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Canberk Bolat Advisory Reference :...

eFront <= 3.6.10 build 11944 Multiple XSS and SQLi Vulnerabilities

eFront is prone to multiple cross-site scripting XSS and SQL injection SQLi vulnerabilities because the software fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

eFront 3.6.10 Build 11944 Cross Site Scripting

Information --------------------------------- Name : XSS Vulnerabilities in eFront Software : eFront 3.6.10 build 11944 and possibly below. Vendor Homepage : http://efrontlearning.net/ Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Canberk Bolat Advisory Reference :...

eFront 3.6.x - Multiple Cross-Site Scripting SQL Injections

eFront 3.6.x - Multiple Cross-Site Scripting SQL Injections source: https://www.securityfocus.com/bid/50492/info eFront is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the software fails to sufficiently sanitize user-supplied input. Exploiting these...

eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injections

source: https://www.securityfocus.com/bid/50492/info eFront is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the software fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal cookie-based...

Efront 3.6.10 Build 11944 Cross Site Scripting / SQL Injection

Vulnerability ID: HTB23053 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinefront.html Product: Efront Vendor: EPIGNOSIS Ltd http://www.efrontlearning.net/ Vulnerable Version: 3.6.10 build 11944 and probably prior Tested Version: 3.6.10 build 11944 Vendor Notification: 12...

eFront <= 3.6.10 build 11944 Multiple XSS Vulnerabilities

eFront is prone to multiple cross-site scripting XSS vulnerabilities because the software fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50469/info eFront is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting us...

eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities

eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50469/info eFront is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input An attacker may leverage these...

eFront 3.6.10 Multiple Security Vulnerabilities

eFront is prone to multiple security vulnerabilities, including: - A remote code injection vulnerability - Multiple SQL injection vulnerabilities - An authentication bypass and privilege escalation vulnerability - A remote code execution vulnerability - A file upload vulnerability...

eFront 3.6.10 - professor.php Script Multiple SQL Injections

eFront 3.6.10 - professor.php Script Multiple SQL Injections source: https://www.securityfocus.com/bid/50419/info eFront is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these...

eFront Enterprise 3.6.10 Database Disclosure / SQL Injection

Title: ====== eFront Enterprise v3.6.10 - Multiple Remote Vulnerabilities Date: ===== 2011-10-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=298 VL-ID: ===== 298 Introduction: ============= Tailored with larger organizations in mind, eFront Enterprise offers solutio...

eFront 3.6.10 - &#039;professor.php&#039; Script Multiple SQL Injections

source: https://www.securityfocus.com/bid/50419/info eFront is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application,...

eFront 3.6.10 (build 11944) - Multiple Vulnerabilities

eFront 3.6.10 build 11944 - Multiple Vulnerabilities ---------------------------------------------------------------- eFront = 3.6.10 build 11944 Multiple Security Vulnerabilities ---------------------------------------------------------------- author.............: EgiX mail...............:...

eFront 3.6.10 (build 11944) - Multiple Vulnerabilities

---------------------------------------------------------------- eFront = 3.6.10 build 11944 Multiple Security Vulnerabilities ---------------------------------------------------------------- author.............: EgiX mail...............: n0b0d13satgmaildotcom software link......:...

eFront 3.6.10 Build 11944 Shell Upload / Code Execution / SQL Injection

---------------------------------------------------------------- eFront = 3.6.10 build 11944 Multiple Security Vulnerabilities ---------------------------------------------------------------- author.............: EgiX mail...............: n0b0d13satgmaildotcom software link......:...

eFront Enterprise v3.6.10 - Multiple Remote Vulnerabilities

Document Title: =============== eFront Enterprise v3.6.10 - Multiple Remote Vulnerabilities References Source: ==================== VL-ID http://www.vulnerability-lab.com/getcontent.php?id=298 CNNVD-201110-705 http://www.cnnvd.org.cn/vulnerability/show/cvcnnvdid/CNNVD-201110-705 Release Date:...

eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities

Exploit for php platform in category web applications ---------------------------------------------------------------- eFront = 3.6.10 build 11944 Multiple Security Vulnerabilities ---------------------------------------------------------------- author.............: EgiX mail...............:...

eFront Enterprise v3.6.10 - Multiple Remote Vulnerabilities

Document Title: =============== eFront Enterprise v3.6.10 - Multiple Remote Vulnerabilities References Source: ==================== VL-ID http://www.vulnerability-lab.com/getcontent.php?id=298 CNNVD-201110-705 http://www.cnnvd.org.cn/vulnerability/show/cvcnnvdid/CNNVD-201110-705 Release Date:...

Multiple vulnerabilities in Efront

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Efront, which can be exploited to perform SQL injection and cross-site scripting attacks. 1 Cross-Site scripting XSS vulnerabilities in Efront 1.1 Input passed via the "course" GET parameter to index.php is not...