2 matches found
CVE-2007-4192
CVE-2007-4192 describes multiple XSS vulnerabilities in the IDE Group DVD Rental System (DRS) 5.1 before 20070801, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. The note questions deployment coverage by IDE Group as an MSP; if all installations are upda...
CVE-2007-4193
CVE-2007-4193 covers multiple CSRF vulnerabilities in the IDE Group DVD Rental System (DRS) 5.1, reported for the request handler index.php. The issue enables remote attackers to perform actions as arbitrary users, demonstrated by (1) modifying data or (2) canceling a subscription. The root cause...