Lucene search
K

9 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

OpenDocMan 1.2.5 index.php last_message Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

OpenDocMan 1.2.5 admin.php last_message Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an...

7.1AI score
Exploits0
CVE
CVE
added 2009/10/27 4:0 p.m.49 views

CVE-2009-3801

OpenDocMan 1.2.5 is affected by a SQL injection in index.php triggered through the frmpass parameter, enabling remote attackers to execute arbitrary SQL commands. This is corroborated by multiple sources in the connected set (NVD entry and OpenVAS/Red Hat redundancy). Root cause centers on improp...

7.5CVSS8AI score0.01013EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2009/10/26 5:0 p.m.24 views

CVE-2009-3789

Multiple cross-site scripting XSS vulnerabilities in OpenDocMan 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the lastmessage parameter to 1 add.php, 2 toBePublished.php, 3 index.php, and 4 admin.php; the PATHINFO to the default URI to 5 category.php, 6 department.php, 7...

5.8AI score0.02812EPSS
Exploits1References15
Exploit DB
Exploit DB
added 2009/10/21 12:0 a.m.19 views

OpenDocMan 1.2.5 - 'user.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/10/21 12:0 a.m.16 views

OpenDocMan 1.2.5 - department.php Cross-Site Scripting

OpenDocMan 1.2.5 - department.php Cross-Site Scripting source: https://www.securityfocus.com/bid/36777/info OpenDocMan is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2009/10/20 12:0 a.m.15 views

OpenDocMan 1.2.5 xss SQL injection

No description provided by source. Security Advisory : Multiple vulnerabilities in OpenDocMan Discovered by == Amol Naik amolnaik4atgmail.com Overview -------------- OpenDocMan is a free document management system DMS designed to comply with ISO 17025 and OIE standard for document management. It...

7.1AI score
Exploits0
Prion
Prion
added 2008/06/20 11:48 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in out.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the lastmessage parameter...

4.3CVSS6.1AI score0.01834EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2008/06/20 11:48 a.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter...

4.3CVSS6.1AI score0.00845EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder