CVE-2008-1549

CVE-2008-1549 documents multiple SQL injection vulnerabilities in Eagle Software’s Aeries Browser Interface (ABI) 3.8.3.14 within the Aries Student Information System. The vulnerabilities allow remote attackers to execute arbitrary SQL commands via the GrdBk parameter to GradebookOptions.asp and ...

CVE-2008-0943

CVE-2008-0943 describes multiple SQL injection vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2. The flaws allow remote attackers to execute arbitrary SQL commands via (1) the FC parameter to Comments.asp, or the Term parameter to (2) Labels.asp or (3) ClassList.asp. The C...

CVE-2008-1548

CVE-2008-1548 describes multiple XSS vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 within Eagle Software’s Aries Student Information System. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the UserName parameter to loginproc.asp and (2) the usr parame...

CVE-2008-0941

The vulnerability CVE-2008-0941 affects Eagle Software Aeries Browser Interface (ABI) 3.8.2.8. It is a Cross-site Scripting (XSS) flaw that allows remote authenticated users to inject arbitrary web script or HTML via an event. The NVD entry lists a base score of 4.3 (Medium) with vector AV:N/AC:M...

CVE-2008-0942

CVE-2008-0942 affects Eagle Software Aeries Browser Interface (ABI) 3.8.2.8. The vulnerability is a SQL injection in GradebookStuScores.asp via the GrdBk parameter, allowing remote attackers to execute arbitrary SQL commands. The related connected records (e.g., CVE-2008-1549) describe additional...