Lucene search
K

4 matches found

CVE
CVE
added 2011/08/19 9:0 p.m.53 views

CVE-2011-1341

CVE-2011-1341 describes a CSRF vulnerability in Aimluck Aipo before 4.0.4.0 and Aipo for ASP before 4.0.4.0, enabling remote attackers to hijack administrators’ authenticated sessions to perform data-modifying requests. Affected versions: Aipo and Aipo for ASP prior to 4.0.4.0. Root cause: CSRF i...

6.8CVSS7.3AI score0.00586EPSS
CVE
CVE
added 2011/01/13 6:35 p.m.47 views

CVE-2010-3924

CVE-2010-3924 describes an SQL injection vulnerability in Aimluck Aipo prior to version 5.1.0.1. The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, potentially exposing or altering data managed by Aipo. Affected product: Aimluck Aipo (groupware ...

7.5CVSS8.1AI score0.01299EPSS
CVE
CVE
added 2011/08/19 9:0 p.m.47 views

CVE-2011-1342

CVE-2011-1342 affects Aimluck Aipo before 5.1.1 and Aipo for ASP before 5.1.1, where a SQL injection vulnerability allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. References in JVN/JVNDB and Red Hat/NVD confirm the issue and indicate the fix: upgrade t...

7.5CVSS8.2AI score0.01072EPSS
CVE
CVE
added 2007/10/01 12:0 a.m.41 views

CVE-2007-5154

Aipo (Aimluck, Inc.) and Aipo ASP 3.0.1.0 and earlier are affected by a session fixation vulnerability. The issue allows an attacker to impersonate a user by obtaining or forcing a valid session ID, enabling potentially privileged actions once the user logs in. The JVN entry describes risk as use...

5.8CVSS6.7AI score0.00821EPSS