8 matches found
EUVD-2009-3477
Malware in sbrugna...
CVE-2009-3495
SQL injection vulnerability in viewmag.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the magid parameter, a different vector than CVE-2008-4465...
CVE-2009-3496
Cross-site scripting XSS vulnerability in viewmag.php in Vastal I-Tech DVD Zone allows remote attackers to inject arbitrary web script or HTML via the magid parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in viewmag.php in Vastal I-Tech DVD Zone allows remote attackers to inject arbitrary web script or HTML via the magid parameter...
CVE-2009-3496
Cross-site scripting XSS vulnerability in viewmag.php in Vastal I-Tech DVD Zone allows remote attackers to inject arbitrary web script or HTML via the magid parameter...
CVE-2009-3495
CVE-2009-3495 describes an SQL injection in view_mag.php of Vastal I-Tech DVD Zone, exploitable via the mag_id parameter to execute arbitrary SQL commands. This mirrors the vulnerability family seen in CVE-2008-4465 but with a different input vector. The description across sources confirms a remo...
CVE-2009-3496
CVE-2009-3496 describes a cross-site scripting (XSS) vulnerability in the Vastal I-Tech DVD Zone’s view_mag.php, exploitable via the mag_id parameter to inject arbitrary script/HTML. Affected component is the server-side script handling mag_id in that application. The connected documents corrobor...
Vastal I-Tech DVD Zone - 'view_mag.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/36487/info DVD Zone is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication...