6 matches found
EUVD-2010-0646
Malware in sbrugna...
EUVD-2010-0645
Malware in sbrugna...
CVE-2010-0614
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the 1 question action, and possibly the 2 subpar or 3 numquest actions...
Sql injection
SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitrary SQL commands via the query parameter in the 1 question action, and possibly the 2 subpar or 3 numquest actions...
CVE-2010-0617
CVE-2010-0617 affects evalSMSI, specifically version 2.1.03, with a cross-site scripting (XSS) flaw in ajax.php that allows injection of arbitrary script/HTML via the return parameter. The vulnerability is cited in multiple feeds (NVD entry, OpenVAS findings) and has a NVD base score of 4.3 (Medi...
CVE-2010-0614
CVE-2010-0614 is a SQL injection in evalSMSI 2.1.03 affecting ajax.php. The vulnerability allows remote attackers to inject SQL through the query parameter in the (1) question action and potentially (2) sub_par or (3) num_quest actions. Documents confirm the affected product/version and the input...