8 matches found
EUVD-2006-1270
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in ServiceRequests.asp in VPMi Enterprise 3.3 allows remote attackers to inject arbitrary web script or HTML via the RequestNameDisplay parameter...
CVE-2006-1266
Cross-site scripting XSS vulnerability in ServiceRequests.asp in VPMi Enterprise 3.3 allows remote attackers to inject arbitrary web script or HTML via the RequestNameDisplay parameter...
CVE-2006-1266
CVE-2006-1266 is a cross-site scripting (XSS) flaw in VPMi Enterprise 3.3, exploitable via the Request_Name_Display parameter in Service_Requests.asp. The issue allows remote attackers to inject arbitrary web script or HTML. The vulnerability is documented with an NVD CVSSv2 base score of 4.3 (ME...
CVE-2006-1266
Cross-site scripting XSS vulnerability in ServiceRequests.asp in VPMi Enterprise 3.3 allows remote attackers to inject arbitrary web script or HTML via the RequestNameDisplay parameter...
Sql injection
DISPUTED SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
CVE-2006-0897
SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2006-0897
SQL injection vulnerability in VCS Virtual Program Management Intranet VPMi Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to ServiceRequests.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third...