Search criteria
4 vulnerabilities found for banner_student by sungard
CVE-2009-4930 (GCVE-0-2009-4930)
Vulnerability from nvd – Published: 2010-07-09 17:00 – Updated: 2024-08-07 07:24
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQuestion (aka Change Security Question) page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/502810/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/34620 | vdb-entryx_refsource_BID |
Date Public
2009-04-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:52.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090420 Sungard Banner System XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502810/100/0/threaded"
},
{
"name": "34620",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34620"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQuestion (aka Change Security Question) page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090420 Sungard Banner System XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502810/100/0/threaded"
},
{
"name": "34620",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34620"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQuestion (aka Change Security Question) page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090420 Sungard Banner System XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502810/100/0/threaded"
},
{
"name": "34620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34620"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4930",
"datePublished": "2010-07-09T17:00:00.000Z",
"dateReserved": "2010-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:24:52.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4727 (GCVE-0-2008-4727)
Vulnerability from nvd – Published: 2008-10-23 22:00 – Updated: 2024-08-07 10:24
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://osvdb.org/41077 | vdb-entryx_refsource_OSVDB |
| http://securityreason.com/securityalert/4494 | third-party-advisoryx_refsource_SREASON |
| http://downloads.securityfocus.com/vulnerabilitie… | x_refsource_MISC |
| http://osvdb.org/41078 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/27490 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/487250/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-01-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41077",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41077"
},
{
"name": "4494",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4494"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html"
},
{
"name": "41078",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41078"
},
{
"name": "27490",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27490"
},
{
"name": "20080129 CSRF/XSS in Sungard Banner",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487250/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "41077",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41077"
},
{
"name": "4494",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4494"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html"
},
{
"name": "41078",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41078"
},
{
"name": "27490",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27490"
},
{
"name": "20080129 CSRF/XSS in Sungard Banner",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487250/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4727",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41077",
"refsource": "OSVDB",
"url": "http://osvdb.org/41077"
},
{
"name": "4494",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4494"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html"
},
{
"name": "41078",
"refsource": "OSVDB",
"url": "http://osvdb.org/41078"
},
{
"name": "27490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27490"
},
{
"name": "20080129 CSRF/XSS in Sungard Banner",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487250/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4727",
"datePublished": "2008-10-23T22:00:00.000Z",
"dateReserved": "2008-10-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4930 (GCVE-0-2009-4930)
Vulnerability from cvelistv5 – Published: 2010-07-09 17:00 – Updated: 2024-08-07 07:24
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQuestion (aka Change Security Question) page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/502810/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/34620 | vdb-entryx_refsource_BID |
Date Public
2009-04-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:52.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090420 Sungard Banner System XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502810/100/0/threaded"
},
{
"name": "34620",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34620"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQuestion (aka Change Security Question) page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090420 Sungard Banner System XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502810/100/0/threaded"
},
{
"name": "34620",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34620"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the twbkwbis.P_SecurityQuestion (aka Change Security Question) page in SunGard Banner Student System 7.4 allows remote attackers to inject arbitrary web script or HTML via the New Question field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090420 Sungard Banner System XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502810/100/0/threaded"
},
{
"name": "34620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34620"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4930",
"datePublished": "2010-07-09T17:00:00.000Z",
"dateReserved": "2010-07-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:24:52.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4727 (GCVE-0-2008-4727)
Vulnerability from cvelistv5 – Published: 2008-10-23 22:00 – Updated: 2024-08-07 10:24
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://osvdb.org/41077 | vdb-entryx_refsource_OSVDB |
| http://securityreason.com/securityalert/4494 | third-party-advisoryx_refsource_SREASON |
| http://downloads.securityfocus.com/vulnerabilitie… | x_refsource_MISC |
| http://osvdb.org/41078 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/27490 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/487250/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-01-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41077",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41077"
},
{
"name": "4494",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4494"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html"
},
{
"name": "41078",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41078"
},
{
"name": "27490",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27490"
},
{
"name": "20080129 CSRF/XSS in Sungard Banner",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487250/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "41077",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41077"
},
{
"name": "4494",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4494"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html"
},
{
"name": "41078",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41078"
},
{
"name": "27490",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27490"
},
{
"name": "20080129 CSRF/XSS in Sungard Banner",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487250/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4727",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter. NOTE: this might be resultant from a CSRF vulnerability, but there are insufficient details to be sure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41077",
"refsource": "OSVDB",
"url": "http://osvdb.org/41077"
},
{
"name": "4494",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4494"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/27490.html"
},
{
"name": "41078",
"refsource": "OSVDB",
"url": "http://osvdb.org/41078"
},
{
"name": "27490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27490"
},
{
"name": "20080129 CSRF/XSS in Sungard Banner",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487250/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4727",
"datePublished": "2008-10-23T22:00:00.000Z",
"dateReserved": "2008-10-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:24:20.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}