52 matches found
CVE-2008-2767
SQL injection vulnerability in search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to execute arbitrary SQL commands via the orderby parameter...
CVE-2008-2768
Cross-site scripting XSS vulnerability in admin/search.asp in Xigla Poll Manager XE allows remote authenticated users with administrator role privileges to inject arbitrary web script or HTML via unspecified vectors "all fields"...
CVE-2008-2767
CVE-2008-2767 describes a SQL injection vulnerability in the search.asp component of Xigla Poll Manager XE. The flaw allows remote authenticated users with administrator privileges to execute arbitrary SQL commands through the orderby parameter, potentially impacting data confidentiality, integri...
CVE-2008-2768
The CVE-2008-2768 entry concerns a Cross-site scripting (XSS) vulnerability in admin/search.asp of Xigla Poll Manager XE. The issue allows remote authenticated users with administrator privileges to inject arbitrary web script or HTML via unspecified vectors described as “all fields.” The provide...
absolute-screwups.txt
www.BugReport.ir AmnPardaz Security Research Team Title: Xigla Multiple Products - Multiple Vulnerabilities Vendor: http://www.xigla.com/ Exploit: N/A Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index.php?/41 1. Description: Xigla company has several web based products From...
CVE-2007-4630
Cross-site scripting XSS vulnerability in xlaapmview.asp in Absolute Poll Manager XE 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in xlaapmview.asp in Absolute Poll Manager XE 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2007-4630
Cross-site scripting XSS vulnerability in xlaapmview.asp in Absolute Poll Manager XE 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2007-4630
The CVE-2007-4630 issue is an XSS vulnerability in the xlaapmview.asp component of Absolute Poll Manager XE 4.1, allowing remote attackers to inject arbitrary script/HTML via the msg parameter. Affected: Absolute Poll Manager XE 4.1 (xlaapmview.asp). Root cause: improper handling/sanitization of ...
PR07-23: Non-persistent Cross-site Scripting (XSS) on Absolute Poll Manager XE admin page
Date Found: 10th April 2007 Vendor informed: 4th July 2007 Successfully tested on: Absolute Poll Manager XE - Version 4.1. Earlier versions are possibly affected as well but have NOT been tested. Description: Absolute Poll Manager XE is vulnerable to a vanilla XSS within the...
Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-Site Scripting
Absolute Poll Manager XE 4.1 - xlaapmview.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/25492/info Absolute Poll Manager XE is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an...
Absolute Poll Manager XE 4.1 - 'xlaapmview.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25492/info Absolute Poll Manager XE is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting use...