6 matches found
EUVD-2007-5157
Malware in sbrugna...
SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities
SEC Consult Vulnerability Lab Security Advisory 20130904-0 ======================================================================= title: Undocumented password reset and admin takeover & Cross-Site Scripting vulnerabilities product: GroupLink everything HelpDesk vulnerable version: =10.0.3 fixed...
CVE-2007-5176
Multiple cross-site scripting XSS vulnerabilities in GroupLink eHelpDesk 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 NADISPLAYNAME parameter in helpdesk/user/rfcreate.jsp and the 2 username and 3 LDAPError parameters in index2.jsp. NOTE: the provenance of this...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in GroupLink eHelpDesk 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 NADISPLAYNAME parameter in helpdesk/user/rfcreate.jsp and the 2 username and 3 LDAPError parameters in index2.jsp. NOTE: the provenance of this...
CVE-2007-5176
Multiple cross-site scripting XSS vulnerabilities in GroupLink eHelpDesk 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 NADISPLAYNAME parameter in helpdesk/user/rfcreate.jsp and the 2 username and 3 LDAPError parameters in index2.jsp. NOTE: the provenance of this...
CVE-2007-5176
CVE-2007-5176 describes multiple cross-site scripting (XSS) vulnerabilities in GroupLink eHelpDesk 6.2.2. An attacker can inject arbitrary script/HTML via the following parameters: (1) NA_DISPLAYNAME in helpdesk/user/rf_create.jsp, and (2) username and (3) LDAPError in index2.jsp. The NVD entry l...