12 matches found
CVE-2024-49107
WmsRepair Service Elevation of Privilege Vulnerability...
AC Repair and Services System SQL注入漏洞
AC Repair and Services System is an air conditioning repair and services system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in AC Repair and Services System version 1.0, which stems from a misuse of the parameter id resulting in sql injection...
brisbaneappliancerepairservice.com.au Cross Site Scripting vulnerability OBB-2828101
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Sourcecodester Vehicle Service Management System Cross-Site Scripting Vulnerability (CNVD-2022-02640)
Sourcecodester Vehicle Service Management System is an open source PHP project. A simple Web application for automotive repair/service stores or businesses. Sourcecodester Vehicle Service Management System version 1.0 has a cross-site scripting vulnerability that stems from the vulnerability stem...
Car Repair Services < 4.0 - Unauthenticated Reflected XSS & XFS
The theme did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue https://smartdata.tonytemplates.com/car-repair-service-v4/car1/estimateresult/result?s=&serviceestimatekey=...
phoenixcomputerrepairservice.net Cross Site Scripting vulnerability OBB-1300583
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Scammers Pushing Fake AV Via Skype
Rogue anti virus software companies have decided to “reach out and touch someone,” according to a new report from Krebsonsecurity.com. Groups responsible for pushing the bogus anti malware programs are using Internet-based phone calls over the Skype network to trick unsuspecting users into...
CVE-2010-1906
tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and Subscriber Agent relies on a predictable timestamp field to validate input to the \.\pipe\RepairServicepipecompany named pipe, which allows remote authenticated users to execute arbitrary code by...
Code injection
tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and Subscriber Agent relies on a predictable timestamp field to validate input to the \.\pipe\RepairServicepipecompany named pipe, which allows remote authenticated users to execute arbitrary code by...
CVE-2010-1906
tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and Subscriber Agent relies on a predictable timestamp field to validate input to the \.\pipe\RepairServicepipecompany named pipe, which allows remote authenticated users to execute arbitrary code by...
CVE-2010-1906
The CVE-2010-1906 entry concerns tgsrv.exe in Consona Dynamic Agent components (Repair Service, Repair Manager, Subscriber Activation, Subscriber Agent). The root cause is reliance on a predictable timestamp field to validate input to the named pipe \.\pipe\__RepairService_pipe__company, enabling...
Consona (formerly SupportSoft) Intelligent Assistance Suite (IAS) cross-site scripting, ActiveX, and Repair Service vulnerabilities
Overview Consona formerly SupportSoft Intelligent Assistance Suite IAS contains a set of vulnerabilities that collectively could allow an attacker to execute arbitrary code on a remote system. Description In 2009, Consona acquired SupportSoft's enterprise software assets, including web-based...