41 matches found
EUVD-2006-6910
Malware in sbrugna...
EUVD-2006-6911
Malware in sbrugna...
RewardsStartTime should be reset when decreaseAVAXAssigned is called
Lines of code Vulnerability details Impact Proof of Concept The fix for M-19 is to get rid of the miniCount code-423n4/2022-12-gogopool-findings235 in calculateAndDistributeRewards function, however, the logic below is added: // check if their rewards time should be reset if...
Upgraded Q -> 2 from #653 [1675442664703]
Judge has assessed an item in Issue 653 as 2 risk. The relevant finding follows: 1. Funds are locked if Rialto use function finishFailedMinipoolByMultisig Detail Function finishFailedMinipoolByMultisig did not transfer any funds or doing any data change, only updating state of minipool to Finishe...
Grandora Rialto 1.6 searchkey.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 listfull.asp ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 searchmain.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 searchkey.asp Keyword Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 listmain.asp cat Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 listmain.asp cat Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 /admin/default.asp Multiple Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 searchoption.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 forminfo.asp refno Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto 1.6 printmain.asp ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issu...
Grandora Rialto CMS SQLi|XSS|HTML|URL Redirecting Vulnerability
Exploit for php platform in category web applications =============================================================== Grandora Rialto CMS SQLi|XSS|HTML|URL Redirecting Vulnerability ===============================================================...
CVE-2006-6928
Multiple cross-site scripting XSS vulnerabilities in Rialto 1.6 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to a listmain.asp or b searchmain.asp, the 2 the Keyword parameter to c searchkey.asp, or the 3 refno parameter to d forminfo.asp...
CVE-2006-6927
Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL commands via 1 the uname username and 2 pword passwd fields in a admin/default.asp; the 3 ID parameter to b listfull.asp or c printmain.asp; the 4 cat parameter to d listmain.asp, e...
CVE-2006-6928
CVE-2006-6928 describes multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6. The issues allow remote attackers to inject arbitrary web script or HTML via: (1) the cat parameter to listmain.asp or searchmain.asp, (2) the Keyword parameter to searchkey.asp, and (3) the refno parameter...
CVE-2006-6927
Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL commands via 1 the uname username and 2 pword passwd fields in a admin/default.asp; the 3 ID parameter to b listfull.asp or c printmain.asp; the 4 cat parameter to d listmain.asp, e...
CVE-2006-6927
CVE-2006-6927 describes multiple SQL injection vulnerabilities in Rialto 1.6, allowing remote attackers to execute arbitrary SQL commands via various input fields/parameters in the web application (examples include uname, pword in admin/default.asp; IDs in listfull.asp/printmain.asp; cat in listm...