14 matches found
EUVD-2006-5782
Malware in sbrugna...
EUVD-2006-5783
Malware in sbrugna...
EUVD-2006-5784
Malware in sbrugna...
EUVD-2006-5781
Malware in sbrugna...
CVE-2006-5799
Multiple cross-site scripting XSS vulnerabilities in default.asp in xenis.creator CMS allow remote attackers to inject arbitrary web script or HTML via the 1 contid or 2 search parameters...
CVE-2006-5797
Multiple SQL injection vulnerabilities in default.asp in Xenis.creator CMS allow remote attackers to execute arbitrary SQL commands via the 1 nav, 2 s, or 3 print parameters...
CVE-2006-5798
SQL injection vulnerability in default.asp in Xenis.creator CMS allows remote attackers to execute arbitrary SQL commands via the contid parameter...
CVE-2006-5798
SQL injection vulnerability in default.asp in Xenis.creator CMS allows remote attackers to execute arbitrary SQL commands via the contid parameter...
CVE-2006-5798
The CVE-2006-5798 entry describes a SQL injection vulnerability in default.asp of the Xenis.creator CMS, exploitable via the contid parameter to allow remote execution of arbitrary SQL commands. The vulnerability is triggered through user-supplied contid data, enabling partial confidentiality and...
CVE-2006-5799
Multiple cross-site scripting XSS vulnerabilities in default.asp in xenis.creator CMS allow remote attackers to inject arbitrary web script or HTML via the 1 contid or 2 search parameters...
CVE-2006-5799
CVE-2006-5799 involves multiple XSS vulnerabilities in the xenis.creator CMS, specifically in default.asp where the (1) contid and (2) search parameters can be exploited to inject arbitrary web script/HTML. Documented impact is partial confidentiality/integrity/availability, with a NVD CVSS v2 ba...
CVE-2006-5800
The CVE-2006-5800 entry describes a cross-site scripting (XSS) vulnerability in the default.asp page of the xenis.creator CMS. The issue arises when an attacker can supply a crafted value for the nav parameter, enabling the injection of arbitrary web script or HTML. The available data indicate im...
CVE-2006-5797
CVE-2006-5797 affects the Xenis.creator CMS default.asp code path, where multiple SQL injection flaws allow remote attackers to inject arbitrary SQL via the (1) nav, (2) s, or (3) print parameters. The NVD entry reports a base score of 7.5 (HIGH) with network access and no authentication requirem...
MajorSecurity Advisory #31]Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues
MajorSecurity Advisory 31Xenis.creator CMS - Multiple Cross Site Scripting and SQL Injection Issues Details ======= Product: xenis.creator CMS Security-Risk: high Remote-Exploit: yes Vendor-URL: http://www.xenis.cc Vendor-Status: informed Advisory-Status: published Credits ============ Discovered...