Lucene search

Obie Website Security Vulnerabilities

cve

CVE-2007-2532

Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) to (1) sendmail.php or (2) order_form.php, different vectors than...

5.8AI Score

0.007EPSS

2007-05-09 12:19 AM

cve

CVE-2006-6735

modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this...

7AI Score

0.003EPSS

2006-12-26 11:28 PM

cve

CVE-2006-6734

Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname...

5.9AI Score

0.006EPSS

2006-12-26 11:28 PM