17 matches found
CVE-2024-27716
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote attacker to execute arbitrary code via the message sending and user input fields...
CVE-2024-27709
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component...
CVE-2024-27716
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote attacker to execute arbitrary code via the message sending and user input fields...
CVE-2024-27709
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component...
PT-2024-22000 · Unknown · Eskooly Web Product
Name of the Vulnerable Software and Affected Versions: Eskooly Web Product version 3.0 Description: The issue allows a remote attacker to execute arbitrary code via the searchby parameter of the "allstudents.php" component and the id parameter of the "requestmanager.php" component. This enables t...
PT-2024-22007 · Unknown · Eskooly Web Product
Name of the Vulnerable Software and Affected Versions: Eskooly Web Product versions 3.0 and earlier Description: The issue allows a remote attacker to execute arbitrary code via the message sending and user input fields. This is a Cross Site Scripting vulnerability. Recommendations: For Eskooly W...
CVE-2024-27716
Eskooly Web Product (versions 3.0 and earlier) has a Cross Site Scripting (XSS) vulnerability that can allow a remote attacker to execute arbitrary code via message sending and user input fields. Root cause is XSS in the web product; impact includes arbitrary code execution. Remediation guidance ...
CVE-2024-27709
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component...
CVE-2024-27709
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute arbitrary code via the searchby parameter of the allstudents.php component and the id parameter of the requestmanager.php component...
CVE-2024-27716
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote attacker to execute arbitrary code via the message sending and user input fields...
CVE-2024-27716
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote attacker to execute arbitrary code via the message sending and user input fields...
CVE-2024-27709
SQL Injection in Eskooly Web Product v.3.0 is documented across multiple sources (CVE-2024-27709). The vulnerability affects the web application’s components, notably allstudents.php (searchby parameter) and requestmanager.php (id parameter), allowing a remote attacker to execute arbitrary code. ...
Design/Logic Flaw
In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker could use a flaw to obtain unauthenticated access to 3rd party component license key information on server...
IBM Rational Focal Point Cross-Site Scripting Vulnerability (CNVD-2015-01906)
IBM Rational Focal Point is a Web-based product management system for IBM Rational with a built-in customer- and market-oriented product management process that provides workflow automation, information relevance analysis, statistical analysis of information, and prioritization analysis of...
NCT Jobs Portal Script SQL Injection / Cross Site Scripting
Exploit Title: XSS and Authentication bypass in NCT Jobs Portal Script Date: 24-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : XSS and Authentication bypass in NCT Jobs Portal Script Vendor:http://www.ncrypted.net/ Author:Sid3^effects Description : NCT Jobs Portal script is a web...
NCT Jobs Portal Script XSS and Authentication bypass
Exploit for php platform in category web applications ==================================================== NCT Jobs Portal Script XSS and Authentication bypass ==================================================== Exploit Title: XSS and Authentication bypass in NCT Jobs Portal Script Date:...
smartermail-xss.txt
Product: SmarterMail Enterprise 4.3 Web product: http://www.smartertools.com/Products/SmarterMail/O verview.aspx web product demo: http://maildemo.smartertools.com/Login.aspx Apparently this webmail is vulnerable to an attack xss very dangerous because it runs automatically when you open the inbo...