EUVD-2010-4800

Malware in sbrugna...

EUVD-2010-4799

Malware in sbrugna...

EUVD-2012-1012

Malware in sbrugna...

CVE-2012-0989

Cross-site scripting XSS vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

CVE-2012-0989

CVE-2012-0989 affects OneOrZero AIMS 2.8.0 Trial Edition build231211 (and possibly earlier). The vulnerability is a Cross‑site Scripting (XSS) that allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. According to NVD, the base score is 4.3 (Medium) with ...

CVE-2012-0989

Cross-site scripting XSS vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php...

XSS in OneOrZero AIMS

Advisory ID: HTB23066 Reference: https://www.htbridge.ch/advisory/xssinoneorzeroaims.html Product: OneOrZero AIMS Vendor: www.oneorzero.com http://www.oneorzero.com/ Vulnerable Version: 2.8.0 Trial build231211 and probably prior Tested Version: 2.8.0 Trial build231211 Vendor Notification: 28...

OneOrZero AIMS 'index.php' Cross Site Scripting Vulnerability

OneOrZero AIMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker t...

OneOrZero AIMS 2.8.0 Trial Build 231211 Cross Site Scripting

Advisory ID: HTB23066 Reference: https://www.htbridge.ch/advisory/xssinoneorzeroaims.html Product: OneOrZero AIMS Vendor: www.oneorzero.com http://www.oneorzero.com/ Vulnerable Version: 2.8.0 Trial build231211 and probably prior Tested Version: 2.8.0 Trial build231211 Vendor Notification: 28...

OneOrZero AIMS - index.php Cross-Site Scripting

OneOrZero AIMS - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/51549/info OneOrZero AIMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in t...

OneOrZero AIMS - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/51549/info OneOrZero AIMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

XSS in OneOrZero AIMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in OneOrZero AIMS, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in OneOrZero AIMS: CVE-2012-0989 Input appended to the URL after index.php is not properly sanitised...

[PT-2011-20] Authorization bypass vulnerability in OneOrZero AIMS

---------------------------------------------------------------------- PT-2011-20 Positive Technologies Security Advisory Authorization bypass vulnerability in OneOrZero AIMS ---------------------------------------------------------------------- ---Vulnerable software OneOrZero AIMS Version: 2.7....

[PT-2011-21] SQL injection vulnerability in OneOrZero AIMS

---------------------------------------------------------------------- PT-2011-21 Positive Technologies Security Advisory SQL injection vulnerability in OneOrZero AIMS ---------------------------------------------------------------------- ---Vulnerable software OneOrZero AIMS Version: 2.7.0 and...

CVE-2011-4214

OneOrZero Action & Information Management System AIMS 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie...

CVE-2011-4214

OneOrZero Action & Information Management System AIMS 2.7.0 allows remote attackers to bypass authentication and obtain administrator privileges via a crafted oozimsrememberme cookie...

CVE-2011-4215

OneOrZero AIMS (OneOrZero AIMS 2.7.0) is affected by CVE-2011-4215 due to an SQL injection in lib/ooz_access.php where the cookieName parameter enables remote attackers to execute arbitrary SQL commands. This vulnerability is described across multiple sources (NVD entry and OpenVAS tests) with a ...

OneOrZero AIMS Security Bypass and SQLi Vulnerabilities

OneOrZero AIMS is prone to a security bypass vulnerability and an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

OneOrZero AIMS Security Bypass and SQL Injection Vulnerabilities

OneOrZero AIMS is prone to a security-bypass vulnerability and an SQL- injection vulnerability. An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, bypass filtering, and modify the logic of SQL queries. OneOrZero AIMS 2.7.0 is affected; othe...