16 matches found
EUVD-2008-2130
Malware in sbrugna...
EUVD-2008-2131
Malware in sbrugna...
EUVD-2005-3743
Malware in sbrugna...
CVE-2008-2134
The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie...
Code injection
The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie...
Cross site scripting
Cross-site scripting XSS vulnerability in the Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to inject arbitrary web script or HTML via the title parameter in a new entry, as demonstrated by a CSS property in the STYLE attribute of a DIV element, a different vulnerability than...
CVE-2008-2133
Cross-site scripting XSS vulnerability in the Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to inject arbitrary web script or HTML via the title parameter in a new entry, as demonstrated by a CSS property in the STYLE attribute of a DIV element, a different vulnerability than...
CVE-2008-2134
CVE-2008-2134 affects the Journal module in Tru-Zone Nuke ET 3.x. An attacker can remotely obtain access to arbitrary user accounts and modify or delete data by supplying a modified username in an unspecified cookie. The vulnerability is documented in multiple sources (NVD entry CVE-2008-2134). T...
CVE-2008-2133
Cross-site scripting XSS vulnerability in the Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to inject arbitrary web script or HTML via the title parameter in a new entry, as demonstrated by a CSS property in the STYLE attribute of a DIV element, a different vulnerability than...
CVE-2008-2134
The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie...
CVE-2008-2133
CVE-2008-2133 is an XSS vulnerability in the Journal module of Tru-Zone Nuke ET 3.x. The flaw allows remote attackers to inject arbitrary web script or HTML via the title parameter in a new entry, demonstrated by a CSS property in the STYLE attribute of a DIV element. Affected component: Journal ...
CVE-2007-1925
The CVE-2007-1925 entry affects Tru-Zone Nuke ET 3.4 before fix 7, where the borrado function in modules/Your_Account/index.php does not verify that account deletion requests originate from the account owner. This allows remote authenticated users to delete arbitrary accounts by modifying cookies...
CVE-2007-1925
The borrado function in modules/YourAccount/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie...
CVE-2005-3748
SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the query parameter...
CVE-2005-3748
CVE-2005-3748 describes an SQL injection in the Search module of Tru-Zone Nuke ET 3.2 (and possibly earlier versions). The vulnerability allows remote attackers to manipulate the database by injecting SQL via the query parameter. The NVD entry records a CVSS v2 base score of 7.5 (HIGH) with netwo...
CVE-2005-3748
SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the query parameter...