Lucene search
+L

4514 matches found

CVE
CVE
added 2008/03/31 5:0 p.m.45 views

CVE-2008-1549

CVE-2008-1549 documents multiple SQL injection vulnerabilities in Eagle Software’s Aeries Browser Interface (ABI) 3.8.3.14 within the Aries Student Information System. The vulnerabilities allow remote attackers to execute arbitrary SQL commands via the GrdBk parameter to GradebookOptions.asp and ...

6.8CVSS8.4AI score0.0103EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2008/03/31 5:0 p.m.44 views

CVE-2008-1548

CVE-2008-1548 describes multiple XSS vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 within Eagle Software’s Aries Student Information System. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the UserName parameter to loginproc.asp and (2) the usr parame...

4.3CVSS5.8AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/03/31 5:0 p.m.31 views

CVE-2008-1548

Multiple cross-site scripting XSS vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to inject arbitrary web script or HTML via the 1 UserName parameter to loginproc.asp and the 2 usr parameter to Login.asp...

5.8AI score0.01065EPSS
Exploits0References5
Cvelist
Cvelist
added 2008/03/31 5:0 p.m.24 views

CVE-2008-1549

Multiple SQL injection vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the 1 GrdBk parameter to GradebookOptions.asp and the 2 SchlCode variable to loginproc.asp, a different...

8.3AI score0.0103EPSS
Exploits0References5
exploitpack
exploitpack
added 2008/02/21 12:0 a.m.17 views

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Labels.asp?Term SQL Injection

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Labels.asp?Term SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injecti...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2008/02/21 12:0 a.m.16 views

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Comments.asp?FC SQL Injection

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Comments.asp?FC SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injecti...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2008/02/21 12:0 a.m.20 views

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - ClassList.asp?Term SQL Injection

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - ClassList.asp?Term SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2008/02/21 12:0 a.m.14 views

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - GradebookStuScores.asp?GrdBk SQL Injection

Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - GradebookStuScores.asp?GrdBk SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/21 12:0 a.m.22 views

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'Comments.asp?FC' SQL Injection

source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/21 12:0 a.m.20 views

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'ClassList.asp?Term' SQL Injection

source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/21 12:0 a.m.20 views

Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'Labels.asp?Term' SQL Injection

source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/30 12:0 a.m.21 views

bannerss-xsrfxss.txt

http://ch4n.org/banner.txt Application: Banner -- Student Services Version: 7.3 Bug: Cross-site Request Forgery, cross site scripting Exploitation: Remote, versus authenticated users Discovery Date: August 21, 2007 Notification Date: August 22, 2007 Disclosure Date: January 29, 2008 Author: Brend...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/01/29 12:0 a.m.7 views

SunGard Banner Student 7.3 - add1 Cross-Site Scripting

SunGard Banner Student 7.3 - add1 Cross-Site Scripting source: https://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/29 12:0 a.m.39 views

SunGard Banner Student 7.3 - 'add1' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...

7AI score
Exploits0
NVD
NVD
added 2007/10/06 5:17 p.m.14 views

CVE-2007-5252

Buffer overflow in NetSupport Manager NSM Client 10.00 and 10.20, and NetSupport School Student NSS 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor...

10CVSS8AI score0.0393EPSS
Exploits0References7
CVE
CVE
added 2007/10/06 5:0 p.m.55 views

CVE-2007-5252

CVE-2007-5252 is a buffer overflow in NetSupport Manager (NSM) Client 10.00/10.20 and NetSupport School Student (NSS) 9.00. The flaw allows an unauthenticated, remote attacker to cause a denial of service or possibly execute arbitrary code through crafted data in the configuration exchange phase ...

10CVSS8AI score0.0393EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2007/10/06 5:0 p.m.23 views

CVE-2007-5252

Buffer overflow in NetSupport Manager NSM Client 10.00 and 10.20, and NetSupport School Student NSS 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor...

8AI score0.0393EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/09/18 7:0 p.m.25 views

CVE-2007-4945

Multiple cross-site scripting XSS vulnerabilities in LetterGrade allow remote attackers to inject arbitrary web script or HTML via 1 a student's email address, 2 the year parameter to genbrws/Student/calmonth.php3, and other unspecified vectors related to the calendar. NOTE: the provenance of thi...

5.7AI score0.01065EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2007/03/21 12:0 a.m.40 views

Grandstream Budge Tone-200 IP Phone - Digest domain Denial of Service

!/usr/bin/perl MADYNES Security Advisory http://madynes.loria.fr Title: Grandstream Budge Tone-200 denial of service vulnerability Release Date: 21/03/2007 Severity: High - Denial of Service Advisory ID:KIPH3 Hardware: Grandstream Budge Tone-200 IP Phone...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/04/13 12:0 a.m.33 views

SynchronEyes Teacher Detection

The remote host is running SMART Technologies SynchronEyes Teacher. This software allows teachers to remotely control student desktops. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid21218; scriptversion "1.10"; scriptcvsdate"Date: 2019/10/01 11:24:12";...

5.5AI score
Exploits0
Rows per page
Query Builder