EUVD-2015-2181

Malware in sbrugna...

eTouch SamePage <= 4.4.0.0.239 SQLi Vulnerability - Active Check

eTouch SamePage is prone to a blind SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-2070

SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed...

Directory traversal

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. dot dot in the filepath parameter...

Sql injection

SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed...

CVE-2015-2071

CVE-2015-2071 affects ETouch Systems SamePage Enterprise Edition 4.4.0.0.239. A directory traversal flaw exists in cm/newui/blog/export.jsp that allows remote authenticated users to read arbitrary files via a .. sequence in the filepath parameter. Connected CNVD/NVD entries corroborate the same v...

CVE-2015-2070

The CVE-2015-2070 entry covers a SQL injection in eTouch SamePage Enterprise Edition 4.4.0.0.239, exploitable via the catId parameter to cm/blogrss/feed, allowing remote SQL commands. The OpenVAS record confirms an active check for eTouch SamePage

CVE-2015-2071

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. dot dot in the filepath parameter...

CVE-2015-2070

SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed...

eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities

eTouch SamePage v4.4.0.0.239 multiple vulnerabilities http://www.etouch.net/products/samepage/index.html Enterprise trial was installed in an Ubuntu virtual machine with MySQL. By default, the listening port is 18080. Required on the Ubuntu machine to install the SamePage binary successfully: sud...

eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities

eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities eTouch SamePage v4.4.0.0.239 multiple vulnerabilities http://www.etouch.net/products/samepage/index.html Enterprise trial was installed in an Ubuntu virtual machine with MySQL. By default, the listening port is 18080. Required on the Ubuntu...

eTouch Samepage 4.4.0.0.239 SQL Injection / File Read Vulnerabilities

Exploit for php platform in category web applications Couldn’t find anyone to contact regarding this, so dropping it. eTouch SamePage v4.4.0.0.239 multiple vulnerabilities http://www.etouch.net/products/samepage/index.html Enterprise trial was installed in an Ubuntu virtual machine with MySQL. By...

eTouch Samepage 4.4.0.0.239 SQL Injection / File Read

Couldn’t find anyone to contact regarding this, so dropping it. eTouch SamePage v4.4.0.0.239 multiple vulnerabilities http://www.etouch.net/products/samepage/index.html Enterprise trial was installed in an Ubuntu virtual machine with MySQL. By default, the listening port is 18080. Required on the...