Preben Nyloekken

#13010of 53,633
20.4Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2006-1585
4.3
2006-02-02
Browsercrm · Browsercrm · CVE-2006-0521
**Name of the Vulnerable Software and Affected Versions** BrowserCRM (affected versions not specified) **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via certain manipulations of the `query` parameter in results.php, for example, using an IMG SRC tag. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2006-1558
4.3
2006-02-01
Minigal · Mg2 · CVE-2006-0493
**Name of the Vulnerable Software and Affected Versions** MG2 (formerly known as Minigal) version 0.5.1 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via the `Name` field in a comment associated with a picture, which can lead to cross-site scripting (XSS) attacks. **Recommendations** For MG2 (formerly known as Minigal) version 0.5.1, consider restricting access to the comment feature associated with pictures until a fix is available, and avoid using the `Name` field in comments to minimize the risk of exploitation.
PT-2006-1574
4.3
2006-02-01
Cerberus · Cerberus Helpdesk · CVE-2006-0509
**Name of the Vulnerable Software and Affected Versions** Cerberus Helpdesk version 2.7 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The `contact search` parameter is one of the vulnerable points. Additionally, unspecified URL fields are also affected. **Recommendations** For Cerberus Helpdesk version 2.7, consider restricting access to the `contact search` parameter and unspecified URL fields to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2005-4013
7.5
2005-10-14
Unknown · Aspready Faq · CVE-2005-3199
**Name of the Vulnerable Software and Affected Versions** aspReady FAQ (affected versions not specified) **Description** The issue concerns multiple SQL injection vulnerabilities in the aradmin.asp file of aspReady FAQ. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The `txtLogin` and `txtPassword` parameters are potentially vulnerable to this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.