3 matches found
CVE-2005-1011
CVE-2005-1011 affects SiteEnable’s content.asp script where the sortby parameter is not properly sanitized, enabling remote attackers to inject arbitrary SQL commands. The vulnerability is documented in multiple sources (NVD entry with CVSSv2 base score 7.5 HIGH, remote network access, no authent...
CVE-2005-1012
CVE-2005-1012 is an XSS vulnerability in Iatek SiteEnable. The issue allows remote attackers to inject arbitrary web script or HTML through (1) contenttype in content.asp, (2) the title, or (3) the description. The NVD entry confirms the affected component as SiteEnable and the impact is reflecte...
CVE-2005-4483
CVE-2005-4483 discloses a cross-site scripting (XSS) flaw in SiteEnable 3.3 and earlier, occurring in login.asp and exploitable via the ret_page parameter. The vulnerability allows remote attackers to inject arbitrary web script or HTML, potentially affecting users who interact with the compromis...