CVE-2018-16226

A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 v8839a1 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack, due to insufficient validation for the start.asp page. A successful exploit could allow th...

CVE-2018-16226

A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 v8839a1 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack, due to insufficient validation for the start.asp page. A successful exploit could allow th...

infolex.lt XSS vulnerability

Vulnerable URL: http://infolex.lt/portal/ml/start.asp?lang=eng" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 133317 VIP website status:| No Check infolex.lt SSL connection:| Grad...

Active Auction House start.asp ReturnURL Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13036/info Active Auction House is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

CVE-2008-5959

Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the 1 useremail parameter aka username field or 2 password parameter aka password field. NOTE: some of these details are obtained from third party information...

CVE-2008-5959

Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the 1 useremail parameter aka username field or 2 password parameter aka password field. NOTE: some of these details are obtained from third party information...

CVE-2008-5959

CVE-2008-5959 describes multiple SQL injection vulnerabilities in start.asp of Active Test 2.1. The issues allow remote attackers to execute arbitrary SQL commands through the (1) useremail (username) parameter or (2) password parameter. The description notes some details来自 third-party sources. T...

Sql injection

SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the 1 useremail parameter aka username field or the 2 password parameter. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information...

CVE-2008-5631

Active eWebquiz 8.0 is affected by a SQL injection vulnerability in start.asp, exploitable via the useremail (username) or password parameter, enabling remote SQL command execution. The issue is documented across multiple sources (NVD and related CVE records). The root cause is a SQL injection fl...

CVE-2008-5632

SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information...