12 matches found
EUVD-2006-6911
Malware in sbrugna...
EUVD-2006-6910
Malware in sbrugna...
CVE-2006-6928
Multiple cross-site scripting XSS vulnerabilities in Rialto 1.6 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to a listmain.asp or b searchmain.asp, the 2 the Keyword parameter to c searchkey.asp, or the 3 refno parameter to d forminfo.asp...
CVE-2006-6927
Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL commands via 1 the uname username and 2 pword passwd fields in a admin/default.asp; the 3 ID parameter to b listfull.asp or c printmain.asp; the 4 cat parameter to d listmain.asp, e...
CVE-2006-6928
CVE-2006-6928 describes multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6. The issues allow remote attackers to inject arbitrary web script or HTML via: (1) the cat parameter to listmain.asp or searchmain.asp, (2) the Keyword parameter to searchkey.asp, and (3) the refno parameter...
CVE-2006-6928
Multiple cross-site scripting XSS vulnerabilities in Rialto 1.6 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter to a listmain.asp or b searchmain.asp, the 2 the Keyword parameter to c searchkey.asp, or the 3 refno parameter to d forminfo.asp...
CVE-2006-6927
CVE-2006-6927 describes multiple SQL injection vulnerabilities in Rialto 1.6, allowing remote attackers to execute arbitrary SQL commands via various input fields/parameters in the web application (examples include uname, pword in admin/default.asp; IDs in listfull.asp/printmain.asp; cat in listm...
Rialto 1.6[admin login bypass & multiples injections sql]
vendor site: http://www.grandora.com/ product : Rialto 1.6 bug:multiples injection sql , login bypass , xss risk : high ! admin login bypass : /admin/default.asp username: ' or '1' = '1 passwd: ' or '1' = '1 injection sql : /listfull.asp?ID='sql /listmain.asp?cat='sql /printmain.asp?ID='sql...
rialto16.txt
vendor site: http://www.grandora.com/ product : Rialto 1.6 bug:multiples injection sql , login bypass , xss risk : high ! admin login bypass : /admin/default.asp username: ' or '1' = '1 passwd: ' or '1' = '1 injection sql : /listfull.asp?ID='sql /listmain.asp?cat='sql /printmain.asp?ID='sql...
Grandora Rialto 1.6 - listfull.asp?ID SQL Injection
Grandora Rialto 1.6 - listfull.asp?ID SQL Injection source: https://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...
Grandora Rialto 1.6 - 'searchmain.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal...
Grandora Rialto 1.6 - 'searchoption.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/21191/info Grandora Rialto is prone to multiple input-validation vulnerabilities, including SQL-injection and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal...