| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-2080 | 7.5 |
Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) a CP_ENLARGESTYLE cookie to the default URI under inventivex/managetraining/ or (2) unspecified input to authenticate_a
|
29-08-2017 - 01:29 | 10-05-2011 - 19:55 | |
| CVE-2010-0216 | 5.0 |
authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter.
|
17-08-2017 - 01:31 | 10-05-2011 - 19:55 | |
| CVE-2011-2081 | 5.0 |
MediaCAST 8 and earlier does not properly handle requests for inventivex/isptools/release/metadata/globalIncludeFolders.txt, which allows remote attackers to obtain sensitive information via unspecified vectors related to the Public/ directory tree.
|
22-09-2011 - 03:31 | 10-05-2011 - 19:55 | |
| CVE-2011-2079 | 7.5 |
MediaCAST 8 and earlier allows remote attackers to have an unspecified impact via a (1) CP_RIGHTSOURCE or (2) bdclient_Inventive cookie to the default URI under inventivex/managetraining/, related to an "XML injection" issue.
|
22-09-2011 - 03:31 | 10-05-2011 - 19:55 |