36 matches found
EUVD-2008-1430
Malware in sbrugna...
EUVD-2008-3545
Malware in sbrugna...
EUVD-2006-2952
Malware in sbrugna...
KAPhotoservice 7.5 album.asp cat Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18379/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...
KAPhotoservice 7.5 albums.asp albumid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18379/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...
KAPhotoservice search.asp filename Parameter XSS
No description provided by source...
KAPhotoservice 7.5 edtalbum.asp Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18379/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in KAPhotoservice allow remote attackers to inject arbitrary web script or HTML via the 1 filename parameter to search.asp and the 2 page parameter to order.asp. NOTE: the provenance of this information is unknown; the details are obtained solely...
CVE-2008-3559
Multiple cross-site scripting XSS vulnerabilities in KAPhotoservice allow remote attackers to inject arbitrary web script or HTML via the 1 filename parameter to search.asp and the 2 page parameter to order.asp. NOTE: the provenance of this information is unknown; the details are obtained solely...
CVE-2008-3559
CVE-2008-3559 describes multiple XSS vulnerabilities in KAPhotoservice . The affected endpoints are search.asp (via the filename parameter) and order.asp (via the page parameter), allowing remote attackers to inject arbitrary web script or HTML. The root cause is unvalidated/reflected user input ...
CVE-2008-3559
Multiple cross-site scripting XSS vulnerabilities in KAPhotoservice allow remote attackers to inject arbitrary web script or HTML via the 1 filename parameter to search.asp and the 2 page parameter to order.asp. NOTE: the provenance of this information is unknown; the details are obtained solely...
KAPhotoservice - order.asp?page Cross-Site Scripting
KAPhotoservice - order.asp?page Cross-Site Scripting source: https://www.securityfocus.com/bid/30567/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
KAPhotoservice - search.asp?Filename Cross-Site Scripting
KAPhotoservice - search.asp?Filename Cross-Site Scripting source: https://www.securityfocus.com/bid/30567/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
KAPhotoservice - 'order.asp?page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30567/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...
KAPhotoservice - 'search.asp?Filename' Cross-Site Scripting
source: https://www.securityfocus.com/bid/30567/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in...
CVE-2008-1426
SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
Sql injection
SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
CVE-2008-1426
Affected software: KAPhotoservice (album.asp). Vulnerable component: the albumid parameter in album.asp allows SQL injection due to unsafe SQL construction, enabling remote arbitrary SQL execution. Impact details from CVSS indicate partial impact on confidentiality, integrity, and availability wi...
CVE-2008-1426
SQL injection vulnerability in album.asp in KAPhotoservice allows remote attackers to execute arbitrary SQL commands via the albumid parameter...
KAPhotoservice (album.asp) Remote SQL Injection Exploit
No description provided by source. --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ KAPhotoservice album.asp Remote SQL Injection Exploit +==-- --==+====================================================================================+==-- + JosS +...