6 matches found
EUVD-2018-4999
Malware in sbrugna...
CVE-2018-13049
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php...
CVE-2018-13049
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php...
CVE-2018-13049
CVE-2018-13049 affects GLPI 9.2.x through 9.3.0, where the constructSQL function in inc/search.class.php allows SQL Injection via a crafted LIMIT clause to front/computer.php. Connected advisories confirm the root cause (constructSQL in GLPI) and that upstream patches were released to fix the vul...
CVE-2010-3463
Cross-site scripting XSS vulnerability in modules/search/search.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the search parameter to search.html...
CVE-2010-3463
SantaFox 2.02 (and possibly earlier) is vulnerable to a Cross-site Scripting (XSS) flaw in modules/search/search.class.php, exploitable via the search parameter to search.html. The root cause is insufficient input sanitation in the search parameter, allowing remote attackers to inject arbitrary H...