4514 matches found
CVE-2008-1549
CVE-2008-1549 documents multiple SQL injection vulnerabilities in Eagle Software’s Aeries Browser Interface (ABI) 3.8.3.14 within the Aries Student Information System. The vulnerabilities allow remote attackers to execute arbitrary SQL commands via the GrdBk parameter to GradebookOptions.asp and ...
CVE-2008-1548
CVE-2008-1548 describes multiple XSS vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 within Eagle Software’s Aries Student Information System. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the UserName parameter to loginproc.asp and (2) the usr parame...
CVE-2008-1548
Multiple cross-site scripting XSS vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to inject arbitrary web script or HTML via the 1 UserName parameter to loginproc.asp and the 2 usr parameter to Login.asp...
CVE-2008-1549
Multiple SQL injection vulnerabilities in Aeries Browser Interface ABI 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the 1 GrdBk parameter to GradebookOptions.asp and the 2 SchlCode variable to loginproc.asp, a different...
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Labels.asp?Term SQL Injection
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Labels.asp?Term SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injecti...
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Comments.asp?FC SQL Injection
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - Comments.asp?FC SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injecti...
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - ClassList.asp?Term SQL Injection
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - ClassList.asp?Term SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an...
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - GradebookStuScores.asp?GrdBk SQL Injection
Eagle Software Aeries Student Information System 3.7.2.23.8.2.8 - GradebookStuScores.asp?GrdBk SQL Injection source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'Comments.asp?FC' SQL Injection
source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'ClassList.asp?Term' SQL Injection
source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
Eagle Software Aeries Student Information System 3.7.2.2/3.8.2.8 - 'Labels.asp?Term' SQL Injection
source: https://www.securityfocus.com/bid/27924/info Aeries Student Information System is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and an HTML-injection issue, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
bannerss-xsrfxss.txt
http://ch4n.org/banner.txt Application: Banner -- Student Services Version: 7.3 Bug: Cross-site Request Forgery, cross site scripting Exploitation: Remote, versus authenticated users Discovery Date: August 21, 2007 Notification Date: August 22, 2007 Disclosure Date: January 29, 2008 Author: Brend...
SunGard Banner Student 7.3 - add1 Cross-Site Scripting
SunGard Banner Student 7.3 - add1 Cross-Site Scripting source: https://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary...
SunGard Banner Student 7.3 - 'add1' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27490/info Banner Student is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...
CVE-2007-5252
Buffer overflow in NetSupport Manager NSM Client 10.00 and 10.20, and NetSupport School Student NSS 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor...
CVE-2007-5252
CVE-2007-5252 is a buffer overflow in NetSupport Manager (NSM) Client 10.00/10.20 and NetSupport School Student (NSS) 9.00. The flaw allows an unauthenticated, remote attacker to cause a denial of service or possibly execute arbitrary code through crafted data in the configuration exchange phase ...
CVE-2007-5252
Buffer overflow in NetSupport Manager NSM Client 10.00 and 10.20, and NetSupport School Student NSS 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor...
CVE-2007-4945
Multiple cross-site scripting XSS vulnerabilities in LetterGrade allow remote attackers to inject arbitrary web script or HTML via 1 a student's email address, 2 the year parameter to genbrws/Student/calmonth.php3, and other unspecified vectors related to the calendar. NOTE: the provenance of thi...
Grandstream Budge Tone-200 IP Phone - Digest domain Denial of Service
!/usr/bin/perl MADYNES Security Advisory http://madynes.loria.fr Title: Grandstream Budge Tone-200 denial of service vulnerability Release Date: 21/03/2007 Severity: High - Denial of Service Advisory ID:KIPH3 Hardware: Grandstream Budge Tone-200 IP Phone...
SynchronEyes Teacher Detection
The remote host is running SMART Technologies SynchronEyes Teacher. This software allows teachers to remotely control student desktops. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid21218; scriptversion "1.10"; scriptcvsdate"Date: 2019/10/01 11:24:12";...