28 matches found
EUVD-2006-4871
Malware in sbrugna...
EUVD-2012-5249
Malware in sbrugna...
EUVD-2009-4401
Malware in sbrugna...
EUVD-2009-4400
Malware in sbrugna...
CVE-2006-4884
Multiple cross-site scripting XSS vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via 1 the suser parameter in support/rightbar.php, 2 the ticketid parameter in support/opentickets.php, and 3 the conspagetitle parameter in index.php. NOTE: th...
IDevSpot iSupport 1.8 open_tickets.php ticket_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19963/info IDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user supplied data. Exploiting these issues could allow an attacker to steal cookie-based...
IDevSpot iSupport 1.8 rightbar.php suser Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19963/info IDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user supplied data. Exploiting these issues could allow an attacker to steal cookie-based...
IDevSpot iSupport 1.8 Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19964/info IDevSupport iSupport is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application and...
IDevSpot iSupport 1.8 index.php cons_page_title Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/19963/info IDevSpot iSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user supplied data. Exploiting these issues could allow an attacker to steal cookie-based...
CVE-2012-5326
Cross-site request forgery CSRF vulnerability in admin/function.php in IDevSpot iSupport 1.x allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via an administrators action...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in admin/function.php in IDevSpot iSupport 1.x allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via an administrators action...
CVE-2012-5326
Cross-site request forgery CSRF vulnerability in admin/function.php in IDevSpot iSupport 1.x allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via an administrators action...
CVE-2012-5326
CVE-2012-5326 affects IDevSpot iSupport 1.x. The vulnerability is a CSRF in admin/function.php that allows remote attackers to hijack administrator authentication to perform actions that add administrator accounts. The connected documents provide the same description and do not specify exploitati...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in IDevSpot iSupport 1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the a 5 or b 9 field in a post action to ticketfunction.php, reachable through ticketsubmit.php and index.php; c the which parameter to...
CVE-2009-4433
Multiple cross-site scripting XSS vulnerabilities in IDevSpot iSupport 1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the a 5 or b 9 field in a post action to ticketfunction.php, reachable through ticketsubmit.php and index.php; c the which parameter to...
CVE-2009-4433
Multiple cross-site scripting XSS vulnerabilities in IDevSpot iSupport 1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the a 5 or b 9 field in a post action to ticketfunction.php, reachable through ticketsubmit.php and index.php; c the which parameter to...
CVE-2009-4433
CVE-2009-4433 affects IDevSpot iSupport 1.8 and earlier. The XSS flaws enable remote injection via: (a) the 5 or (b) 9 field in post to ticket_function.php, reachable via ticket_submit.php and index.php; (c) the which parameter to function.php; or (d) the which parameter to index.php, related to ...
CVE-2007-6539
PHP local file inclusion vulnerability in index.php in IDevspot iSupport 1.8 allows remote attackers to include local files via the includefile parameter...
iDevSpot iSupport 1.8 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/26961/info iSupport is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. This issue affects iSupport 1.8;...
CVE-2006-4884
Multiple cross-site scripting XSS vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via 1 the suser parameter in support/rightbar.php, 2 the ticketid parameter in support/opentickets.php, and 3 the conspagetitle parameter in index.php. NOTE: th...