11 matches found
EUVD-2005-4172
Malware in sbrugna...
Magic Forum Personal view_thread.cfm Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to inject malicious SQL co...
Magic Book Professional 2.0 Book.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15805/info Magic Book Professional is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
Magic List Pro view_archive.cfm ListID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to inject malicious SQL co...
CVE-2005-4177
Cross-site scripting XSS vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote attackers to inject arbitrary web script or HTML via the StartRow parameter...
CVE-2005-4177
Cross-site scripting XSS vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote attackers to inject arbitrary web script or HTML via the StartRow parameter...
CVE-2005-4177
The CVE-2005-4177 entry concerns an XSS vulnerability in Magic Book Personal and Professional 2.0, specifically in the book.cfm component where the StartRow parameter is not properly sanitized. The vulnerability could allow remote attackers to inject arbitrary web script or HTML, as documented by...
Magic Book Professional 2.0 - 'Book.cfm' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15805/info Magic Book Professional is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in...
Magic Forum Personal - 'view_thread.cfm' Multiple SQL Injections
source: https://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to inject malicious SQL code into database queries, and...
Magic List Pro - view_archive.cfm?ListID SQL Injection
Magic List Pro - viewarchive.cfm?ListID SQL Injection source: https://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to...
Magic Book v2.0 Professional Vuln.
Magic Book v2.0 Professional Vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/magic-book-v20-professional-vuln.html vendor:www.cfmagic.com/products/magicbook.cfm affected version:v.2.0 and prior Product Description: Magic Book Professional...