16 matches found
EUVD-2007-3689
Malware in sbrugna...
EUVD-2007-3263
Malware in sbrugna...
Sql injection
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVARSUBCAT txForumID parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm...
CVE-2007-3705
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVARSUBCAT txForumID parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm...
CVE-2007-3705
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVARSUBCAT txForumID parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm...
CVE-2007-3705
CVE-2007-3705 affects FuseTalk 2.0, where a SQL injection flaw exists in the forum/index.cfm path. The vulnerability is triggered via the FTVAR_SUBCAT (txForumID) parameter and relates to forum/include/error/forumerror.cfm, allowing remote attackers to execute arbitrary SQL commands. The provided...
Sql injection
SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-3273
SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-3273
SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-3273
FuseTalk 2.0 is affected by an SQL injection in index.cfm (and related forum error handling paths) that allows remote attackers to execute arbitrary SQL commands. The vulnerability involves unsafely handling user-supplied input (notably the txForumID/ errorcode parameters) in FuseTalk’s ColdFusio...
Fusetalk SQL injection submission.
Greetings, I have found sql injection in FuseTalk 2.0 during a legitmate audit. Resending because I got MIME errors to [email protected]. I have exchanged emails with [email protected] who needed more information when I originally sent an email to [email protected] Operating...
CVE-2002-2166
CVE-2002-2166 is an XSS vulnerability reported in FuseTalk 2.0 and 3.0. The public records indicate that remote attackers could inject arbitrary HTML/script into pages, potentially affecting user data integrity without affecting confidentiality or availability per the CVSS metrics (base score 4.3...
CVE-2004-1995
FuseTalk 2.0 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that lets remote attackers create arbitrary user accounts via a request to adduser.cfm. The issue is tied to the adduser.cfm endpoint and is described in multiple sources (including PT-2004-2891) as enabling account cre...
CVE-2004-1995
Cross-Site Request Forgery CSRF vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm...
CVE-2004-1995
Cross-Site Request Forgery CSRF vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm...
PT-2004-2891 · Fusetalk · Fusetalk
Name of the Vulnerable Software and Affected Versions: FuseTalk version 2.0 Description: A Cross-Site Request Forgery CSRF issue allows remote attackers to create arbitrary accounts via a link to "adduser.cfm". Recommendations: For FuseTalk version 2.0, consider disabling the account creation...