8 matches found
EUVD-2004-1599
Malware in sbrugna...
CVE-2004-1608
SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation...
CVE-2004-1608
Technical details about CVE-2004-1608 are not publicly available in the provided connected documents. Monitor for updates for any concrete affected products, versions, impact, or remediation information.
CVE-2004-1611
SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to 1 execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle MITM attack, or 2 obtain the database password via a GetConnection...
CVE-2004-1606
slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service application crash via an invalid HTTP request, which might also leak sensitive information in the ErrorLogMsg cookie...
CVE-2004-1612
CVE-2004-1612 is a directory traversal vulnerability in SalesLogix 6.1 that allowed remote attackers to upload arbitrary files by using a .. (dot dot) payload in a ProcessQueueFile request. The core advisory details in the CVE entry describe the file upload via traversal but do not enumerate affe...
CVE-2004-1608
SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation...
CVE-2004-1611
SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to 1 execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle MITM attack, or 2 obtain the database password via a GetConnection...