15 matches found
EUVD-2015-2314
Malware in sbrugna...
EUVD-2015-3467
Malware in sbrugna...
CVE-2015-3423
Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the 1 ctrl, 2 h%2427, 3 h%2439, 4 param0, 5 param1, 6 param2, 7 param3, 8 param4, 9 filterINSERTCOUNT, 10 filterMINORFALLOUT, 11...
CVE-2015-2207
Multiple cross-site scripting XSS vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the 1 ctrl, 2 t900010theformselection, 3 scroll, 4 tableName, 5 parent, 6 circuit, 7 return, 8 xname, or 9...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the 1 ctrl, 2 t900010theformselection, 3 scroll, 4 tableName, 5 parent, 6 circuit, 7 return, 8 xname, or 9...
Sql injection
Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the 1 ctrl, 2 h%2427, 3 h%2439, 4 param0, 5 param1, 6 param2, 7 param3, 8 param4, 9 filterINSERTCOUNT, 10 filterMINORFALLOUT, 11...
CVE-2015-2207
NetCracker Resource Management System (
CVE-2015-2207
Multiple cross-site scripting XSS vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the 1 ctrl, 2 t900010theformselection, 3 scroll, 4 tableName, 5 parent, 6 circuit, 7 return, 8 xname, or 9...
CVE-2015-3423
Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the 1 ctrl, 2 h%2427, 3 h%2439, 4 param0, 5 param1, 6 param2, 7 param3, 8 param4, 9 filterINSERTCOUNT, 10 filterMINORFALLOUT, 11...
CVE-2015-3423
CVE-2015-3423 affects NetCracker Resource Management System (before 8.2). The vulnerability is multiple SQL injection flaws that allow remote authenticated users to execute arbitrary SQL via a set of parameters, including ctrl, h____%2427, h____%2439, param0–param4, filter_INSERT_COUNT, filter_MI...
NetCracker Resource Management 8.0 - SQL Injection Vulnerability
Vulnerability type: SQL Injection Vendor: http://www.netcracker.com/ Product: NetCracker Resource Management System Affected version: = 8.0 Patched version: 8.2 Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-3423 PROOF OF CONCEPT SQLi SQL Injection SQLi vulnerability in multip...
NetCracker Resource Management 8.0 - XSS Vulnerability
Vulnerability type: Cross-site Scripting Vendor: http://www.netcracker.com/ Product: NetCracker Resource Management System Affected version: = 8.0 Patched version: 8.2 Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-2207 PROOF OF CONCEPT XSS Cross-site scripting XSS vulnerabili...
NetCracker Resource Management System 8.0 XSS / SQL Injection Vulnerabilities
NetCracker Resource Management System versions 8.0 and below suffer from multiple cross site scripting and sql injection Vulnerabilities Vulnerability type: Cross-site Scripting Vendor: http://www.netcracker.com/ Product: NetCracker Resource Management System Affected version: =alert"XSS"...
NetCracker Resource Management System 8.0 SQL Injection
Vulnerability type: SQL Injection Vendor: http://www.netcracker.com/ Product: NetCracker Resource Management System Affected version: = 8.0 Patched version: 8.2 Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan CVE ID: CVE-2015-3423 PROOF OF CONCEPT SQLi SQL Injection SQLi vulnerability in multip...
NetCracker Resource Management System 8.0 Cross Site Scripting
Vulnerability type: Cross-site Scripting Vendor: http://www.netcracker.com/ Product: NetCracker Resource Management System Affected version: =alert"XSS" TIMELINE - 28/02/2015: Vulnerability found - 13/03/2015: Vendor informed - 13/03/2015: Vendor responded and acknowledged - 19/05/2015: Vendor...