17 matches found
EUVD-2005-2464
Malware in sbrugna...
EUVD-2005-2461
Malware in sbrugna...
EUVD-2005-2462
Malware in sbrugna...
Kayako LiveResponse 2.0 index.php Calendar Feature Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14425/info Kayako LiveResponse is prone to multiple cross-site scripting, SQL injection, and HTML injection vulnerabilties. These issues are all related to input validation errors. The cross-site scripting and HTML...
Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities
GulfTech Security Research August 09, 2008 Vendor : Kayako Infotech Ltd. URL : http://www.kayako.com/ Version : Kayako SupportSuite 3.30.00 Risk : Multiple Vulnerabilities Description: Kayako SupportSuite is a very popular online eSupport application that consists of several well known Kayako...
CVE-2005-2462
Kayako LiveResponse 2.x is affected by a vulnerability where, during user login, the password is recorded in plaintext in the URL. This enables local users and possibly remote attackers to gain privileges and access sensitive information. The issue is discussed across multiple sources, and relate...
CVE-2005-2463
Kayako LiveResponse 2.x vulnerability (CVE-2005-2463) lets remote attackers obtain sensitive information by directly requesting addressbook.php and other include scripts, with the path exposed in an error message. Affected software: Kayako LiveResponse 2.x. Impact: information disclosure with par...
CVE-2005-2461
Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remote attackers to execute arbitrary SQL commands via the 1 year or 2 date parameter...
CVE-2005-2463
Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message...
CVE-2005-2463
Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message...
CVE-2005-2461
Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remote attackers to execute arbitrary SQL commands via the 1 year or 2 date parameter...
CVE-2005-2462
Kayako liveResponse 2.x, when logging in a user, records the password in plaintext in the URL, which allows local users and possibly remote attackers to gain privileges...
kayakoBad.txt
GulfTech Security Research July 30th, 2005 Vendor : Kayako Web Solutions URL : http://www.kayako.com/ Version : Kayako liveResponse v2.x Risk : Multiple Vulnerabilities Description: Kayako liveResponse is a web based application aimed at providing live support for websites and businesses. There a...
Kayako LiveResponse Multiple Vulnerabilities
The remote host is running Kayako LiveResponse, a web-based live support system. The installed version of Kayako LiveResponse on the remote host fails to sanitize user-supplied input to many parameters / scripts, which makes the application vulnerable to SQL injection and cross-site scripting...
Kayako Live Response 2.0 - index.php Calendar Feature Multiple SQL Injections
Kayako Live Response 2.0 - index.php Calendar Feature Multiple SQL Injections source: https://www.securityfocus.com/bid/14425/info Kayako LiveResponse is prone to multiple cross-site scripting, SQL injection, and HTML injection vulnerabilties. These issues are all related to input validation...
Kayako Live Response 2.0 - 'index.php?Username' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14425/info Kayako LiveResponse is prone to multiple cross-site scripting, SQL injection, and HTML injection vulnerabilties. These issues are all related to input validation errors. The cross-site scripting and HTML injection vulnerabilities may allow for...
Kayako Live Response 2.0 - 'index.php' Calendar Feature Multiple SQL Injections
source: https://www.securityfocus.com/bid/14425/info Kayako LiveResponse is prone to multiple cross-site scripting, SQL injection, and HTML injection vulnerabilties. These issues are all related to input validation errors. The cross-site scripting and HTML injection vulnerabilities may allow for...