Community Enterprise 4.x - Multiple Input Validation Vulnerabilities

EDB-ID: 26909
CVE: N/A
Platform: CFM
Date: 2005-12-19


source: https://www.securityfocus.com/bid/15963/info

Community Enterprise is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

Successful exploitation of these vulnerabilities could result in compromise of the application, disclosure or modification of data, or theft of cookie-based authentication credentials. It may also allow an attacker to exploit vulnerabilities in the underlying database implementation and to carry out other attacks.

http://www.example.com/index.cfm?fuseaction=page.viewPage&pageID=1&nodeID=1[SQL]
http://www.example.com/index.cfm?fuseaction=page.viewPage&pageID=1[SQL]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=&docAuthor=&publishState=&docDescription=&docPublishYear=&presentationSite=&parentid=16&ID=1[SQL]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=&docAuthor=&publishState=&docDescription=&docPublishYear=&presentationSite=&parentid=[SQL]
http://www.example.com/document/docWindow.cfm?fuseaction=document.viewDocument&documentid=1&documentFormatId=[SQL]


http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=&docAuthor=&publishState=&docDescription=&docPublishYear=&presentationSite=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=&docAuthor=&publishState=&docDescription=&docPublishYear=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=&docAuthor=&publishState=&docDescription=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=&docAuthor=&publishState=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=&docAuthor=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=&docTitle=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=&subTopic=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=&topic=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=[XSS]
http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=[XSS]
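
The following is an added example, not part of the original advisory or the vendor's code: a log-review check that flags requests whose values for the parameters listed above do not look like normal input. It assumes the parameters marked [SQL] are integer identifiers and that the parameters marked [XSS] never legitimately contain markup characters; the sample requests are constructed.

```python
from urllib.parse import urlsplit, parse_qsl

# Parameters the advisory marks [SQL]; assumed here to be integer identifiers.
NUMERIC_PARAMS = {"pageid", "nodeid", "id", "parentid",
                  "documentid", "documentformatid"}
# Parameters the advisory marks [XSS].
TEXT_PARAMS = {"sortby", "startrow", "topiconly", "topicradio", "topic",
               "subtopic", "doctitle", "docauthor", "publishstate",
               "docdescription", "docpublishyear", "presentationsite"}
# Assumption: none of these characters is valid in the text parameters.
MARKUP_CHARS = set("<>\"'")


def audit_url(url):
    """Return a list of (parameter, reason) findings for one request URL."""
    findings = []
    # parse_qsl percent-decodes values, so %3C is checked as '<'.
    query = urlsplit(url).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        key = name.lower()  # ColdFusion URL variables are case-insensitive
        if key in NUMERIC_PARAMS:
            # Empty is allowed: the application's own links send "topic=&...".
            if value and not (value.isascii() and value.isdigit()):
                findings.append((name, "non-integer value in ID parameter"))
        elif key in TEXT_PARAMS and MARKUP_CHARS & set(value):
            findings.append((name, "markup character in text parameter"))
    return findings


# Constructed sample requests (not taken from real logs).
SAMPLE_REQUESTS = [
    "/index.cfm?fuseaction=page.viewPage&pageID=1&nodeID=1",
    "/index.cfm?fuseaction=page.viewPage&pageID=1&nodeID=1'",
    "/index.cfm?fuseaction=Document.showDocumentSection"
    "&sortby=PublishDate&startrow=8&topic=%3Ci%3E&parentid=",
    "/document/docWindow.cfm?fuseaction=document.viewDocument"
    "&documentid=1&documentFormatId=2x",
]


def audit_requests(requests):
    """Map each request that has findings to its list of findings."""
    return {r: f for r in requests if (f := audit_url(r))}


if __name__ == "__main__":
    for request, findings in audit_requests(SAMPLE_REQUESTS).items():
        print(request, findings)
```

The same allow-list belongs in the application itself as server-side validation, with typed, parameterized queries for the ID values and output encoding for the text values.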