RSS   Podatności dla 'Free lan intra internet portal'   RSS

2007-02-03
 
CVE-2007-0696

 

 
Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611.

 
 
CVE-2007-0695

CWE-89
 

 
Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escape_sqlData, implode_sql, and implode_sqlIn functions, but these are protection schemes, not the vulnerable functions.

 
2007-01-30
 
CVE-2007-0611

 

 
Multiple cross-site scripting (XSS) vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) inc.page.php and (2) inc.text.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top