21 matches found
EUVD-2005-1014
Malware in sbrugna...
EUVD-2005-4478
Malware in sbrugna...
EUVD-2005-1015
Malware in sbrugna...
SiteEnable 3.3 Login.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
SiteEnable SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12985/info SiteEnable is reported prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other...
CVE-2005-4483
Cross-site scripting XSS vulnerability in login.asp in SiteEnable 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the retpage parameter...
CVE-2005-4483
CVE-2005-4483 discloses a cross-site scripting (XSS) flaw in SiteEnable 3.3 and earlier, occurring in login.asp and exploitable via the ret_page parameter. The vulnerability allows remote attackers to inject arbitrary web script or HTML, potentially affecting users who interact with the compromis...
CVE-2005-4483
Cross-site scripting XSS vulnerability in login.asp in SiteEnable 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the retpage parameter...
SiteEnable XSS vuln.
SiteEnable XSS vuln. Vuln. discovered by : r0t Date: 21 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/siteenable-xss-vuln.html vendor:http://www.siteenable.com/ affected version:3.3 and prior Product Description: SiteEnable is an open source Web application that combines content...
SiteEnable 3.3 - login.asp Cross-Site Scripting
SiteEnable 3.3 - login.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
SiteEnable 3.3 - 'login.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser o...
CVE-2005-1012
Cross-site scripting XSS vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via 1 the contenttype parameter to content.asp, 2 the title, or 3 the description...
CVE-2005-1011
SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter...
siteEnable.txt
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: SiteEnable CMS Multiple Severe XSS and Sql injections Risk: High Date: 1/04/2005 Vendor: http://www.siteenable.com/default.asp Quote from the Vendor: "SiteEnable starts at only $189.00" I could test...
SiteEnableXSSnSQL.txt
--Alt-Boundary-29920.9701600 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: SiteEnable CMS Multiple Severe XSS and Sql injections Risk:...
CVE-2005-1012
Cross-site scripting XSS vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via 1 the contenttype parameter to content.asp, 2 the title, or 3 the description...
CVE-2005-1011
CVE-2005-1011 affects SiteEnable’s content.asp script where the sortby parameter is not properly sanitized, enabling remote attackers to inject arbitrary SQL commands. The vulnerability is documented in multiple sources (NVD entry with CVSSv2 base score 7.5 HIGH, remote network access, no authent...
CVE-2005-1012
CVE-2005-1012 is an XSS vulnerability in Iatek SiteEnable. The issue allows remote attackers to inject arbitrary web script or HTML through (1) contenttype in content.asp, (2) the title, or (3) the description. The NVD entry confirms the affected component as SiteEnable and the impact is reflecte...
CVE-2005-1011
SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter...
SiteEnable Multiple Input Validation Vulnerabilities
The remote host is running a version of the SiteEnable CMS package that has several vulnerabilities : - SQL Injection Vulnerability Due to a failure to properly sanitize user input to the 'sortby' parameter of the 'content.asp' script, an attacker can execute SQL queries against the underlying...