3 matches found
Sql injection
Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters to login.php, 3 the filter parameter to widget.dokumentilista.php, and 4 the finnalogid parameter to nalozinaslov.php...
CVE-2011-5040
Multiple cross-site scripting XSS vulnerabilities in Infoproject Biznis Heroj allow remote attackers to inject arbitrary web script or HTML via the config parameter to 1 nalozinaslov.php and 2 widget.dokumentilista.php...
Infoproject Biznis Heroj Cross Site Scripting / SQL Injection
Infoproject Biznis Heroj XSS/SQLi Multiple Remote Vulnerabilities Vendor: Infoproject DOO Product web page: http://www.biznisheroj.mk Affected version: Plus, Pro and Extra Summary: Biznis Heroj or Business Hero Áèçíèñ Õåðî¼ is the first software on the Macedonian market that will help you manage...