RSS   Vulnerabilities for 'Business portal'   RSS

2010-03-22
 
CVE-2010-1049

CWE-89
 

 
Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php.

 
 
CVE-2010-1048

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter (aka the Comment Box) in a noentryid action. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: UIGA 5 Products
Proxy
Church portal
Business portal
Personal portal
Fan club


Copyright 2024, cxsecurity.com

 

Back to Top