14 matches found
EUVD-2008-1143
Malware in sbrugna...
Omegasoft Insel 7 Authentication Bypass Vulnerability and User Enumeration Weakness
No description provided by source. source: http://www.securityfocus.com/bid/27210/info Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness. An attacker can exploit these issues to obtain sensitive information and gain unauthorized access to the...
Authentication flaw
OMEGA aka Omegasoft INterneSErvicesLosungen INSEL 7 supports authentication with a cookie that lacks a shared secret, which allows remote attackers to login as an arbitrary user via a modified cookie...
Omegasoft Insel 7 - Authentication Bypass / User Enumeration
source: https://www.securityfocus.com/bid/27210/info Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness. An attacker can exploit these issues to obtain sensitive information and gain unauthorized access to the application. These issues affect...
Privileg escalation in Omegasoft Insel 7
Hi list, Omegasoft's Insel 7 stores Cookies on your computer for identifying the logged-in user. As these Cookies do not contain any password hash but only the username and some meaningless stuff you can easily get into the system with another login. this gets even more easy, as there is a...
Omegasoft Insel 7 - Authentication Bypass User Enumeration
Omegasoft Insel 7 - Authentication Bypass User Enumeration source: https://www.securityfocus.com/bid/27210/info Omegasoft Insel is prone to an authentication bypass vulnerability and a user-enumeration weakness. An attacker can exploit these issues to obtain sensitive information and gain...
Sql injection
Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to execute arbitrary SQL commands via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...
CVE-2007-2992
Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to execute arbitrary SQL commands via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...
CVE-2007-2992
CVE-2007-2992 describes multiple SQL injection vulnerabilities in OmegaMw7.asp for Omega (aka Omegasoft) INterneSErvicesLosungen (INSEL). The affected component is the OmegaMw7.asp page; the root cause is improper handling of user-controllable input in fields including the (1) user-created text f...
CVE-2007-2993
CVE-2007-2993 describes multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp of OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL). The issue allows remote attackers to inject arbitrary web script or HTML via user-created text fields and specifically through the (1) F05003, (2) ...
[Full-disclosure] static XSS / SQL-Injection in Omegasoft Insel
Input passed to fields in OmegaMw7's tables isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site and/or inject SQL-Commands This applies to many many standard fields i...
static XSS / SQL-Injection in Omegasoft Insel
Input passed to fields in OmegaMw7's tables isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site and/or inject SQL-Commands This applies to many many standard fields i...
CVE-2006-2640
Cross-site scripting XSS vulnerability in OmegaMw7a.ASP in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allows remote attackers to inject arbitrary web script or HTML via the WCE parameter...
CVE-2006-2640
The CVE-2006-2640 entry describes a Cross-site Scripting (XSS) vulnerability in OmegaMw7a.ASP within OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL). The flaw allows remote attackers to inject arbitrary web script or HTML via the WCE parameter. According to NVD data, the vulnerability affec...