14 matches found
EUVD-2007-2777
Malware in sbrugna...
EUVD-2011-5077
Malware in sbrugna...
CVE-2011-5177
Multiple cross-site scripting XSS vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to the admins 2 blocks, 3 articles, or 4 suggest-category; or 5 sort parameter to the search page...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to the admins 2 blocks, 3 articles, or 4 suggest-category; or 5 sort parameter to the search page...
CVE-2011-5177
Multiple cross-site scripting XSS vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to the admins 2 blocks, 3 articles, or 4 suggest-category; or 5 sort parameter to the search page...
CVE-2011-5177
CVE-2011-5177 affects the eSyndiCat Pro 2.3.05 web app. The vulnerability is multiple cross-site scripting (XSS) in admin/controller.php, exploitable via the following parameters: (1) id to the admins, (2) blocks, (3) articles, (4) suggest-category, or (5) sort on the search page. The root cause ...
[Suspected Spam] eSyndiCat Pro v2.4.1 - Multiple Web Vulnerabilities
Title: ====== eSyndiCat Pro v2.4.1 - Multiple Web Vulnerabilities Date: ===== 2012-05-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=575 VL-ID: ===== 575 Common Vulnerability Scoring System: ==================================== 7.1 Introduction: =============...
eSyndiCat Pro 2.4.1 CSRF / XSS / SQL Injection
Title: ====== eSyndiCat Pro v2.4.1 - Multiple Web Vulnerabilities Date: ===== 2012-05-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=575 VL-ID: ===== 575 Common Vulnerability Scoring System: ==================================== 7.1 Introduction: =============...
eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities
eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50822/info eSyndiCat Pro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
eSyndiCat Pro 2.3.5 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/50822/info eSyndiCat Pro is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...
eSyndiCat Pro 2.3.05 Cross Site Scripting
Exploit Title: eSyndiCat Pro v2.3.05 Cross-Site Scripting XSS Script Page : http://www.esyndicat.com Date: 24:11:2011 Author : RandomStorm - http://www.randomstorm.com Avram Marius Gabriel d3v1l Tested on: Windows XP & Vista IE9 - Firefox 8.0 Note: Redirect and Html Injection can be performed als...
CVE-2007-2785
manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative accounts, and have other unspecified impact, via modified username, newpass, newpass2, status, super, and certain other parameters in an add action...
Design/Logic Flaw
manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative accounts, and have other unspecified impact, via modified username, newpass, newpass2, status, super, and certain other parameters in an add action...
CVE-2007-2785
CVE-2007-2785 concerns manage-admins.php in eSyndiCat Pro 1.x. The vulnerability allows remote attackers to create additional administrative accounts by modifying parameters such as username, new_pass, new_pass2, status, and super in an add action. This implies unauthenticated remote write access...