CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Prion•added 2006/03/19 2:2 a.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in ServiceRequests.asp in VPMi Enterprise 3.3 allows remote attackers to inject arbitrary web script or HTML via the RequestNameDisplay parameter...

4.3CVSS6.1AI score0.01226EPSS

Exploits1References5Affected Software1

NVD•added 2006/03/19 2:2 a.m.•13 views

CVE-2006-1266

Cross-site scripting XSS vulnerability in ServiceRequests.asp in VPMi Enterprise 3.3 allows remote attackers to inject arbitrary web script or HTML via the RequestNameDisplay parameter...

4.3CVSS5.7AI score0.01226EPSS

Exploits1References5

CVE•added 2006/03/19 2:0 a.m.•47 views

CVE-2006-1266

CVE-2006-1266 is a cross-site scripting (XSS) flaw in VPMi Enterprise 3.3, exploitable via the Request_Name_Display parameter in Service_Requests.asp. The issue allows remote attackers to inject arbitrary web script or HTML. The vulnerability is documented with an NVD CVSSv2 base score of 4.3 (ME...

4.3CVSS5.7AI score0.01226EPSS

Exploits1References5Affected Software1

Cvelist•added 2006/03/19 2:0 a.m.•19 views

CVE-2006-1266

Cross-site scripting XSS vulnerability in ServiceRequests.asp in VPMi Enterprise 3.3 allows remote attackers to inject arbitrary web script or HTML via the RequestNameDisplay parameter...

5.7AI score0.01226EPSS

Exploits1References5

Prion•added 2006/02/25 11:2 a.m.•11 views

Sql injection

DISPUTED SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely fr...

7.5CVSS8.4AI score0.01381EPSS

Exploits0References7Affected Software1

NVD•added 2006/02/25 11:2 a.m.•11 views

CVE-2006-0897

SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

7.5CVSS8AI score0.01381EPSS

Exploits0References7

Cvelist•added 2006/02/25 11:0 a.m.•14 views

CVE-2006-0897

8AI score0.01381EPSS

Exploits0References7

CVE•added 2006/02/25 11:0 a.m.•44 views

CVE-2006-0897

SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 via the UpdateID0 parameter to Service_Requests.asp. The vendor disputes the issue, citing a protected state-management system, while third-party sources suggest the original researcher may have triggered...

7.5CVSS8AI score0.01381EPSS

Exploits0References7Affected Software1

Positive Technologies•added 2006/02/25 12:0 a.m.•2 views

PT-2006-1943 · Vcs · Vcs Virtual Program Management Intranet (Vpmi) Enterprise

Name of the Vulnerable Software and Affected Versions: VCS Virtual Program Management Intranet VPMi Enterprise version 3.3 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to "Service Requests.asp". The vendor has disputed th...

7.5CVSS9AI score0.01381EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by