RSS   Vulnerabilities for 'Dmxready secure login manager'   RSS

2006-12-29
 
CVE-2006-6816

CWE-Other
 

 
Multiple SQL injection vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel; (4) the sent parameter to (a) login.asp, (b) content.asp, and (c) members.asp in the Remote-WebSite; and (5) the sent parameter to applications/SecureLoginManager/inc_secureloginmanager.asp in the Live Demo.

 
 
CVE-2006-6815

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel.

 

 >>> Vendor: Dmxready 10 Products
Dmxready site chassis manager
Dmxready secure login manager
Site engine manager
Blog manager
Classified listings manager
Member directory manager
Secure document library
Online notebook manager
Registration manager
Polling booth manager


Copyright 2024, cxsecurity.com

 

Back to Top