31 matches found
EUVD-2012-5772
Malware in sbrugna...
EUVD-2012-5774
Malware in sbrugna...
EUVD-2012-5773
Malware in sbrugna...
EUVD-2006-5898
Malware in sbrugna...
EUVD-2006-5897
Malware in sbrugna...
CVE-2012-5898
Cross-site request forgery CSRF vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings...
CVE-2012-5899
Cross-site scripting XSS vulnerability in admin/action/objects.php in SAMEDIA LandShop 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the OTRHEADS parameter in an edit action. NOTE: some of these details are obtained from third party information...
CVE-2012-5900
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the 1 OBID parameter in a single action to admin/action/objects.php, 2 AREAID parameter in a single action to admin/action/areas.php, or 3 start parameter in a show action...
SAMEDIA LandShop 0.6.3 ls.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15709/info Landshop is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitatio...
CVE-2012-5898
Cross-site request forgery CSRF vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings...
CVE-2012-5900
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the 1 OBID parameter in a single action to admin/action/objects.php, 2 AREAID parameter in a single action to admin/action/areas.php, or 3 start parameter in a show action...
CVE-2012-5899
Cross-site scripting XSS vulnerability in admin/action/objects.php in SAMEDIA LandShop 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the OTRHEADS parameter in an edit action. NOTE: some of these details are obtained from third party information...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings...
Sql injection
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the 1 OBID parameter in a single action to admin/action/objects.php, 2 AREAID parameter in a single action to admin/action/areas.php, or 3 start parameter in a show action...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/action/objects.php in SAMEDIA LandShop 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the OTRHEADS parameter in an edit action. NOTE: some of these details are obtained from third party information...
CVE-2012-5900
Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the 1 OBID parameter in a single action to admin/action/objects.php, 2 AREAID parameter in a single action to admin/action/areas.php, or 3 start parameter in a show action...
CVE-2012-5899
Cross-site scripting XSS vulnerability in admin/action/objects.php in SAMEDIA LandShop 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the OTRHEADS parameter in an edit action. NOTE: some of these details are obtained from third party information...
CVE-2012-5898
The CVE-2012-5898 entry describes a CSRF vulnerability in SAMEDIA LandShop 0.9.2 that can allow an attacker to hijack an administrator’s session to issue requests that change account settings. The connected documents confirm the affected product/version and the nature of the vulnerability but do ...
CVE-2012-5900
SAMEDIA LandShop 0.9.2 is affected by multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. The issues arise via three input vectors: (1) OB_ID in admin/action/objects.php, (2) AREA_ID in admin/action/areas.php, and (3) start in the show action to a...
CVE-2012-5899
SAMEDIA LandShop 0.9.2 contains a Cross‑site Scripting (XSS) vulnerability in the admin/action/objects.php script. The issue arises from processing the OTR_HEADS[] parameter during an edit action, allowing remote attackers to inject arbitrary web script or HTML. Documents in the connected set con...