29 matches found
EUVD-2014-1673
Malware in sbrugna...
EUVD-2014-2271
Malware in sbrugna...
EUVD-2014-1315
Malware in sbrugna...
CVE-2014-2231
Cross-site scripting XSS vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title...
CVE-2019-1010248
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...
Synetics i-doit cross-site scripting vulnerability (CNVD-2021-39651)
Synetics i-doit is a set of open source configuration management database CMDB software from Synetics Germany. The software includes features such as IT infrastructure management, network document management, IP address management and IT asset management. A cross-site scripting vulnerability exis...
Synetics i-doit 跨站脚本漏洞
Synetics i-doit is a set of open source configuration management database CMDB software from Synetics Germany. The software includes features such as IT infrastructure management, network document management, IP address management and IT asset management. A cross-site scripting vulnerability exis...
Synetics i-doit Cross-Site Scripting Vulnerability
Synetics i-doit is a set of open source configuration management database CMDB software from Synetics Germany. The software includes features such as IT infrastructure management, network document management, IP address management and IT asset management. A cross-site scripting vulnerability exis...
Synetics i-doit SQL Injection Vulnerability
Synetics i-doit is a set of open source configuration management database CMDB software from Synetics Germany. The software includes features such as IT infrastructure management, network document management, IP address management and IT asset management. A SQL injection vulnerability exists in t...
CVE-2019-1010248
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...
Sql injection
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...
CVE-2019-1010248
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is: Unauthenticated mysql database access. The component is: Web login form. The attack vector is: An attacker can exploit the vulnerability by sending a malicious HTTP POST request. The fixed version is: 1.12.1...
CVE-2019-1010248
CVE-2019-1010248 affects Synetics i-doit 1.12 and earlier. A SQL injection in the Web login form allows an attacker to perform unauthenticated access to the MySQL database. The vulnerability is exploitable by sending a malicious HTTP POST request. The fixed version is 1.12.1. Connected sources co...
synetics i-doit pro API跨站脚本漏洞
BUGTRAQ ID:65957 CVE ID:CVE-2014-2231 Synetics i-doit是德国Synetics公司的一个基于Web的开源IT文档和CMDB(配置管理数据库),它能够记录IT系统及其变化的信息,同时针对系统变化制定应急方案,最终确保IT网络稳定、高效的运作。 synetics i-doit 1.2.5之前版本的的API存在跨站脚本漏洞,允许远程攻击者通过产权注入任意的web脚本或HTML。 0 synetics GmbH i-doit 1.2.4 synetics GmbH i-doit 1.1.1 synetics GmbH i-doit 1.1.2...
CVE-2014-2231
Cross-site scripting XSS vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title...
CVE-2014-1597
SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI...
Cross site scripting
Cross-site scripting XSS vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title...
CVE-2014-1597
SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the default URI...
CVE-2014-1597
The CVE-2014-1597 issue affects i-doit Pro (and i-doit open) prior to version 1.2.5, where the CMDB web application exposes an SQL injection via the objID parameter in the default URI. The underlying flaw allows remote attackers to execute arbitrary SQL commands, enabling data manipulation or ext...
CVE-2014-2231
CVE-2014-2231 affects synetics i-doit pro API prior to 1.2.5, where an XSS flaw allows remote attackers to inject arbitrary web script/HTML via the title property. Affected: synetics i-doit pro before 1.2.5 (API component). Root cause: improper handling/validation of the title field in API input....