30 matches found
EUVD-2012-3814
Malware in sbrugna...
EUVD-2012-3815
Malware in sbrugna...
EUVD-2012-3817
Malware in sbrugna...
EUVD-2012-3816
Malware in sbrugna...
CVE-2012-3871
Cross-site scripting XSS vulnerability in data/hybrid/ihybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter...
CVE-2012-3870
Multiple cross-site scripting XSS vulnerabilities in objects/createobject.php in Open Constructor 3.12.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 name or 2 description parameter...
CVE-2012-3872
Multiple cross-site scripting XSS vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via 1 the result parameter to data/file/edit.php, 2 the q parameter to confirm.php, or 3 the keyword parameter to users/users.php...
CVE-2012-3873
Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 data/gallery/edit.php, 2 data/guestbook/edit.php, 3 data/file/edit.php, 4 data/htmltext/edit.php, 5 data/publication/edit.php, or 6...
CVE-2012-3872
Multiple cross-site scripting XSS vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via 1 the result parameter to data/file/edit.php, 2 the q parameter to confirm.php, or 3 the keyword parameter to users/users.php...
CVE-2012-3873
Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 data/gallery/edit.php, 2 data/guestbook/edit.php, 3 data/file/edit.php, 4 data/htmltext/edit.php, 5 data/publication/edit.php, or 6...
CVE-2012-3870
Multiple cross-site scripting XSS vulnerabilities in objects/createobject.php in Open Constructor 3.12.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 name or 2 description parameter...
CVE-2012-3871
Cross-site scripting XSS vulnerability in data/hybrid/ihybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter...
Sql injection
Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 data/gallery/edit.php, 2 data/guestbook/edit.php, 3 data/file/edit.php, 4 data/htmltext/edit.php, 5 data/publication/edit.php, or 6...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via 1 the result parameter to data/file/edit.php, 2 the q parameter to confirm.php, or 3 the keyword parameter to users/users.php...
Cross site scripting
Cross-site scripting XSS vulnerability in data/hybrid/ihybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in objects/createobject.php in Open Constructor 3.12.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 name or 2 description parameter...
CVE-2012-3870
Multiple cross-site scripting XSS vulnerabilities in objects/createobject.php in Open Constructor 3.12.0 allow remote authenticated users to inject arbitrary web script or HTML via the 1 name or 2 description parameter...
CVE-2012-3872
Multiple cross-site scripting XSS vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via 1 the result parameter to data/file/edit.php, 2 the q parameter to confirm.php, or 3 the keyword parameter to users/users.php...
CVE-2012-3873
Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 data/gallery/edit.php, 2 data/guestbook/edit.php, 3 data/file/edit.php, 4 data/htmltext/edit.php, 5 data/publication/edit.php, or 6...
CVE-2012-3871
Cross-site scripting XSS vulnerability in data/hybrid/ihybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter...