6 matches found
EUVD-2007-2984
Malware in sbrugna...
Sql injection
Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to execute arbitrary SQL commands via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...
CVE-2007-2992
Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to execute arbitrary SQL commands via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to inject arbitrary web script or HTML via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...
CVE-2007-2993
Multiple cross-site scripting XSS vulnerabilities in OmegaMw7.asp in OMEGA aka Omegasoft INterneSErvicesLosungen INSEL allow remote attackers to inject arbitrary web script or HTML via 1 user-created text fields; the 2 F05003, 3 F05005, and 4 F05015 fields; and other unspecified standard fields...
static XSS / SQL-Injection in Omegasoft Insel
Input passed to fields in OmegaMw7's tables isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site and/or inject SQL-Commands This applies to many many standard fields i...