2 matches found
NolaPro Enterprise 4.0.5538 Cross Site Scripting / SQL Injection
Advisory : CORELAN-10-035 Disclosure date : May 1st, 2010 http://www.corelan.be:8800/advisories.php?id=CORELAN-10-035 00 : Vulnerability information Product : NolaPro Enterprise Version : 4.0.5538 Vendor : Noguska LLC URL : http://www.nolapro.com Platform : Windows PHP/MySQL Type of vulnerabiliti...
NolaPro Enterprise 4.0.5538 - Cross-Site Scripting / SQL Injection
source: https://www.securityfocus.com/bid/39875/info NolaPro Enterprise is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered ...