RSS   Vulnerabilities for 'Oneorzero'   RSS

2006-08-24
 
CVE-2006-4351

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

 
 
CVE-2006-4350

CWE-Other
 

 
SQL injection vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

 
2006-03-29
 
CVE-2006-1501

CWE-89
 

 
SQL injection vulnerability in index.php in OneOrZero 1.6.3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in the kans action.

 

 >>> Vendor: Oneorzero 4 Products
Oneorzero helpdesk
Oneorzero
AIMS
Action and information management system


Copyright 2021, cxsecurity.com

 

Back to Top