4 matches found
CVE-2011-1341
CVE-2011-1341 describes a CSRF vulnerability in Aimluck Aipo before 4.0.4.0 and Aipo for ASP before 4.0.4.0, enabling remote attackers to hijack administrators’ authenticated sessions to perform data-modifying requests. Affected versions: Aipo and Aipo for ASP prior to 4.0.4.0. Root cause: CSRF i...
CVE-2010-3924
CVE-2010-3924 describes an SQL injection vulnerability in Aimluck Aipo prior to version 5.1.0.1. The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, potentially exposing or altering data managed by Aipo. Affected product: Aimluck Aipo (groupware ...
CVE-2011-1342
CVE-2011-1342 affects Aimluck Aipo before 5.1.1 and Aipo for ASP before 5.1.1, where a SQL injection vulnerability allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. References in JVN/JVNDB and Red Hat/NVD confirm the issue and indicate the fix: upgrade t...
CVE-2007-5154
Aipo (Aimluck, Inc.) and Aipo ASP 3.0.1.0 and earlier are affected by a session fixation vulnerability. The issue allows an attacker to impersonate a user by obtaining or forcing a valid session ID, enabling potentially privileged actions once the user logs in. The JVN entry describes risk as use...