16 matches found
EUVD-2009-3495
Malware in sbrugna...
Pilot Group eTraining courses_login.php cat_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
Pilot Group eTraining lessons_login.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
Pilot Group eTraining news_read.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
CVE-2009-3513
Multiple cross-site scripting XSS vulnerabilities in Pilot Group PG eTraining allow remote attackers to inject arbitrary web script or HTML via 1 the catid parameter to courseslogin.php, the id parameter to 2 newsread.php or 3 lessonslogin.php, or 4 the cur parameter in a start action to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Pilot Group PG eTraining allow remote attackers to inject arbitrary web script or HTML via 1 the catid parameter to courseslogin.php, the id parameter to 2 newsread.php or 3 lessonslogin.php, or 4 the cur parameter in a start action to...
Pilot Group eTraining - 'lessons_login.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...
Pilot Group eTraining - 'courses_login.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user i...
Pilot Group eTraining - lessons_login.php Cross-Site Scripting
Pilot Group eTraining - lessonslogin.php Cross-Site Scripting source: https://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...
Pilot Group eTraining - courses_login.php Cross-Site Scripting
Pilot Group eTraining - courseslogin.php Cross-Site Scripting source: https://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...
Pilot Group eTraining - news_read.php Cross-Site Scripting
Pilot Group eTraining - newsread.php Cross-Site Scripting source: https://www.securityfocus.com/bid/35834/info PG eTraining is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...
CVE-2008-4709
SQL injection vulnerability in newsread.php in Pilot Group PG eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-4709
SQL injection vulnerability in newsread.php in Pilot Group PG eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-4709
CVE-2008-4709 represents a SQL injection vulnerability in Pilot Group (PG) eTraining, specifically in news_read.php where the id parameter is unsafely used in SQL queries. The underlying issue allows remote attackers to craft queries that can be executed by the database, enabling arbitrary SQL ex...
Pilot Group eTraining (news_read.php id) SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Pilot Online Training Solution Remote SQL Injection Vulnerbility +==-- --==+================================================================================+==--...
Pilot Group eTraining - 'news_read.php' SQL Injection
--==+================================================================================+==-- --==+ Pilot Online Training Solution Remote SQL Injection Vulnerbility +==-- --==+================================================================================+==--...