Oracle Siebel Sales version 8.1 suffers from a persistent cross site scripting vulnerability.
Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Phone Shop Sales Managements System version 1.0 shell upload exploit. This is a variant of the original discovery made in this version of the software by Richard Jones in April of 2021.
Phone Shop Sales Managements System version 1.0 suffers from an insecure direct object reference vulnerability.
Phone Shop Sales Management System version 1.0 suffers from a remote shell upload vulnerability.
Sales and Inventory System for Grocery Store version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Point of Sales version 1.0 suffers from a persistent cross site scripting vulnerability.
Point of Sales version 1.0 suffers from a remote SQL injection vulnerability.
Simple Grocery Store Sales and Inventory System 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
SalesERP version 8.1 suffers from a remote SQL injection vulnerability.
Quick Sales Network QuickXiao version 1.0 suffers from a remote SQL injection vulnerability.
Point of Sales (POS) in VB.Net MySQL Database version 1.0 suffers from a remote SQL injection vulnerability.
Vehicle Sales Management System suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.
LiveSales version 1.0 suffers from a remote SQL injection vulnerability.
ICAutosales version 1.2 suffers from a remote SQL injection vulnerability.
Salesforce event registration functionality allows for malicious script code to be inserted.
Debian Linux Security Advisory 3199-1 - Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c, a validating XML parser library for C++. The parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. An unauthenticated attacker could use this flaw to cause an application using the xerces-c library to crash.
Crescendo - Sales CRM suffers from a remote SQL injection vulnerability that allows for login bypass.
NOPcon is a free non-profit hacker conference without any sales pitches. The third edition has released its call for papers and will take place September 16th, 2014 in Istanbul, Turkey.
NOPcon is a free non-profit hacker conference without any sales pitches. The second edition has released its call for papers and will take place June 6, 2013 in Istanbul, Turkey.
Cisco Security Advisory - Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow a remote, unauthenticated attacker to create a denial of service condition, preventing the product from responding to new connection requests and potentially causing some services and processes to crash. Exploitation of the Cisco TelePresence Web Interface Command Injection may allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released updated software that resolves the command and code execution vulnerabilities. There are currently no plans to resolve the malformed IP packets denial of service vulnerability, as this product is no longer being actively supported. There are no workarounds that mitigate these vulnerabilities. Customers should contact their Cisco Sales Representative to determine the Business Unit responsible for their Cisco TelePresence Recording Server.
EssentialSoft Sales Force Automation Systems suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Secunia Security Advisory - A vulnerability has been reported in CyberHost Sales System, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - A vulnerability has been reported in Cybozu Office and Cybozu dot Sales, which can be exploited by malicious people to bypass certain security restrictions.
GarageSales suffers from a remote shell upload vulnerability.
The previously discovered SQL injection vulnerability in BPAutoSales version 1.0 still exists in version 2.0.