38 matches found
EUVD-2010-0247
Malware in sbrugna...
EUVD-2011-2074
Malware in sbrugna...
EUVD-2011-2075
Malware in sbrugna...
EUVD-2011-2073
Malware in sbrugna...
EUVD-2011-2072
Malware in sbrugna...
EUVD-2011-2070
Malware in sbrugna...
EUVD-2011-2071
Malware in sbrugna...
mediacast.wsfcs.k12.nc.us XSS vulnerability
Vulnerable URL: http://mediacast.wsfcs.k12.nc.us/login.cfm?Message=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 10:53 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...
CVE-2011-2077
The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP connections to port 10000, instead of connections only from 127.0.0.1, which makes it easier for remote attackers to have an unspecified impact via a TCP session...
CVE-2011-2080
Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allow remote attackers to execute arbitrary SQL commands via 1 a CPENLARGESTYLE cookie to the default URI under inventivex/managetraining/ or 2 unspecified input to authenticateadsetupfinished.cfm...
CVE-2011-2081
MediaCAST 8 and earlier does not properly handle requests for inventivex/isptools/release/metadata/globalIncludeFolders.txt, which allows remote attackers to obtain sensitive information via unspecified vectors related to the Public/ directory tree...
CVE-2011-2076
MediaCAST 8 and earlier stores passwords in cleartext, which makes it easier for context-dependent attackers to obtain sensitive information by reading an unspecified password data store, a different vulnerability than CVE-2010-0216...
CVE-2011-2078
Multiple cross-site scripting XSS vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-2079
MediaCAST 8 and earlier allows remote attackers to have an unspecified impact via a 1 CPRIGHTSOURCE or 2 bdclientInventive cookie to the default URI under inventivex/managetraining/, related to an "XML injection" issue...
CVE-2010-0216
authenticateadsetupfinished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter...
Sql injection
Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allow remote attackers to execute arbitrary SQL commands via 1 a CPENLARGESTYLE cookie to the default URI under inventivex/managetraining/ or 2 unspecified input to authenticateadsetupfinished.cfm...
Default credentials
authenticateadsetupfinished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter...
Default configuration
The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP connections to port 10000, instead of connections only from 127.0.0.1, which makes it easier for remote attackers to have an unspecified impact via a TCP session...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Design/Logic Flaw
MediaCAST 8 and earlier allows remote attackers to have an unspecified impact via a 1 CPRIGHTSOURCE or 2 bdclientInventive cookie to the default URI under inventivex/managetraining/, related to an "XML injection" issue...