8 matches found
EUVD-2005-3478
Malware in sbrugna...
CVE-2005-3480
login.asp in Ringtail CaseBook 6.1.0 displays different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames...
CVE-2005-3479
Cross-site scripting XSS vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter...
CVE-2005-3479
CVE-2005-3479 describes a cross-site scripting (XSS) flaw in Ringtail CaseBook 6.1.0, specifically in login.asp where an attacker can inject arbitrary script via the users parameter. Affected software is Ringtail CaseBook 6.1.0; the vulnerability arises from improper handling of the users input, ...
CVE-2005-3480
login.asp in Ringtail CaseBook 6.1.0 displays different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames...
CVE-2005-3480
CVE-2005-3480 affects Ringtail CaseBook 6.1.0 where login.asp returns distinct error messages for valid vs. invalid usernames, enabling remote attackers to enumerate valid usernames. The connected documents corroborate that the issue is an informational disclosure in authentication messages, with...
CVE-2005-3479
Cross-site scripting XSS vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter...
[SA17383] Ringtail CaseBook Cross-Site Scripting and Username Enumeration
TITLE: Ringtail CaseBook Cross-Site Scripting and Username Enumeration SECUNIA ADVISORY ID: SA17383 VERIFY ADVISORY: http://secunia.com/advisories/17383/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Exposure of system information WHERE: From remote SOFTWARE: Ringtail CaseBook 6.x...