Lucene search
Creasito E-commerce Content Manager Security Vulnerabilities
cve
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2)...
8.9AI Score
0.001EPSS
2010-07-12 01:27 PM
25
cve
Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat.php, (7) canccat.php,...
7.7AI Score
0.048EPSS
2006-11-07 12:07 AM
16