EUVD-2008-3722

Malware in sbrugna...

EUVD-2008-3723

Malware in sbrugna...

CVE-2008-3737

Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...

Cross site scripting

Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...

CVE-2008-3739

Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...

Code injection

Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...

CVE-2008-3737

La!cooda WIZ (System Consultants) <= 1.4.0 and LacoodaST (SpaceTag)

CVE-2008-3739

La!cooda WIZ (System Consultants) <= 1.4.0 and LacoodaST (SpaceTag)

CVE-2008-3736

CVE-2008-3736 affects La!cooda WIZ 1.4.0 and earlier and LacoodaST 2.1.3 and earlier. The vulnerabilities are cross-site request forgery (CSRF) issues that may allow remote attackers to hijack the authentication of legitimate users to perform actions such as password changes or configuration chan...

CVE-2008-3736

Multiple cross-site request forgery CSRF vulnerabilities in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that a change passwords or b change configurations...

CVE-2008-3739

Cross-site scripting XSS vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences...

JVN#53886050 Vulnerability in La!cooda WIZ and LacoodaST allowing an arbitrary PHP script execution

La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a vulnerability which may allow a malicious user to execute an arbitrary PHP script on the server. Impact If an arbitrary...

JVN#52557009 La!cooda WIZ and LacoodaST vulnerable to cross-site scripting

La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the web browser of the user who...

JVN#83428818 La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery

La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site request forgery vulnerability. Impact Password or other configurations may be changed if the logged in user...

Design/Logic Flaw

Open System Consultants OSC Radiator before 4.0 allows remote attackers to cause a denial of service daemon crash via malformed RADIUS requests, as demonstrated by packets sent by nmap...

CVE-2008-0330

Open System Consultants OSC Radiator before 4.0 allows remote attackers to cause a denial of service daemon crash via malformed RADIUS requests, as demonstrated by packets sent by nmap...

CVE-2008-0330

Open System Consultants OSC Radiator before 4.0 allows remote attackers to cause a denial of service daemon crash via malformed RADIUS requests, as demonstrated by packets sent by nmap...