14 matches found
EUVD-2007-0692
Malware in sbrugna...
EUVD-2007-0609
Malware in sbrugna...
EUVD-2007-0693
Malware in sbrugna...
CVE-2007-0695
Multiple SQL injection vulnerabilities in Free LAN Intra|ternet Portal FLIP before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escapesqlData, implodesql, and implodesqlIn functions, but these are protection schemes, not...
Cross site scripting
Cross-site scripting XSS vulnerability in error messages in Free LAN Intra|ternet Portal FLIP before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611...
Sql injection
Multiple SQL injection vulnerabilities in Free LAN Intra|ternet Portal FLIP before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escapesqlData, implodesql, and implodesqlIn functions, but these are protection schemes, not...
CVE-2007-0696
CVE-2007-0696 describes an XSS vulnerability in the Free LAN In(tra|ter)net Portal (FLIP) prior to 1.0-RC3. The issue affects error messages and allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, with vectors different from CVE-2007-0611. According to the N...
CVE-2007-0696
Cross-site scripting XSS vulnerability in error messages in Free LAN Intra|ternet Portal FLIP before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611...
CVE-2007-0695
The CVE-2007-0695 entry concerns Free LAN Intra|net Portal (FLIP) prior to 1.0-RC3, where multiple SQL injection vulnerabilities enable remote execution of arbitrary SQL via unspecified vectors. The note clarifies that certain functions (escape_sqlData, implode_sql, implode_sqlIn) cited by some s...
CVE-2007-0695
Multiple SQL injection vulnerabilities in Free LAN Intra|ternet Portal FLIP before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escapesqlData, implodesql, and implodesqlIn functions, but these are protection schemes, not...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Free LAN Intra|ternet Portal FLIP before 1.0-RC2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in 1 inc.page.php and 2 inc.text.php...
CVE-2007-0611
Multiple cross-site scripting XSS vulnerabilities in Free LAN Intra|ternet Portal FLIP before 1.0-RC2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in 1 inc.page.php and 2 inc.text.php...
CVE-2007-0611
The CVE-2007-0611 entry describes XSS vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC2, exploitable via unspecified vectors in the files inc.page.php and inc.text.php. Affected component: FLIP web portal. Impact is the ability to inject arbitrary web script/HTML in the cont...
CVE-2007-0611
Multiple cross-site scripting XSS vulnerabilities in Free LAN Intra|ternet Portal FLIP before 1.0-RC2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in 1 inc.page.php and 2 inc.text.php...