17 matches found
EUVD-2006-5094
Malware in sbrugna...
EUVD-2006-5092
Malware in sbrugna...
EUVD-2006-5093
Malware in sbrugna...
EUVD-2007-2543
Malware in sbrugna...
Devellion CubeCart Security Breach
Devellion CubeCart is a free and open source e-commerce shopping cart software from the company of Devellion UK. The software supports selling products, adding/editing products or images in an online store, etc. A security vulnerability exists in Devellion CubeCart v.6.5.5 and earlier versions,...
Devellion CubeCart 安全漏洞
Devellion CubeCart is a free and open source e-commerce shopping cart software from the company of Devellion UK. The software supports selling products, adding/editing products or images, etc. in an online store. A security vulnerability exists in Devellion CubeCart versions prior to 6.5.5, which...
Devellion CubeCart Security Breach
Devellion CubeCart is a free and open source e-commerce shopping cart software from the company of Devellion UK. The software supports selling products, adding/editing products or images in an online store, etc. A security vulnerability exists in Devellion CubeCart versions prior to 6.5.3, which...
Devellion CubeCart Security Breach
Devellion CubeCart is a free and open source e-commerce shopping cart software from the company of Devellion UK. The software supports selling products, adding/editing products or images in an online store, etc. A security vulnerability exists in Devellion CubeCart versions prior to 6.5.3, which...
Unspecified Vulnerability in Devellion Cubecart
Devellion CubeCart is a free and open source e-commerce shopping cart software from the company of Devellion UK. The software supports selling products, adding/editing products or images in an online store, etc. A security vulnerability exists in Cubecart version 6.4.2, which stems from the...
Crlf injection
Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a cookie name beginning with "ccSID" to 1 cart.php or 2 index.php...
CVE-2007-2550
Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a cookie name beginning with "ccSID" to 1 cart.php or 2 index.php...
CVE-2007-2550
CVE-2007-2550 affects CubeCart 3.0.15 (Devellion) and involves multiple CRLF injection vulnerabilities in cookies named with a prefix of "ccSID", enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting against cart.php or index.php. The vulnerability is due ...
CVE-2006-5109
Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive information via a direct request for 1 linknavi.php or 2 spotlight.php, which reveals the path in various error messages. NOTE: the information.php, language.php, listdocs.php, popularprod.php, sale.php, checksum.php, and...
CVE-2006-5108
Multiple cross-site scripting XSS vulnerabilities in Devellion CubeCart 2.0.x allow remote attackers to inject arbitrary web script or HTML via the orderid parameter in 1 admin/printorder.php and 2 vieworder.php; the 3 siteurl and 4 lasearchhome parameters and 5 certain language parameters in...
CVE-2006-5107
Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote attackers to execute arbitrary SQL commands via 1 the username parameter in admin/forgotpass.php, 2 the orderid parameter in vieworder.php, 3 the viewdoc parameter in viewdoc.php, and 4 the orderid parameter in...
CVE-2006-5107
Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote attackers to execute arbitrary SQL commands via 1 the username parameter in admin/forgotpass.php, 2 the orderid parameter in vieworder.php, 3 the viewdoc parameter in viewdoc.php, and 4 the orderid parameter in...
CVE-2006-5108
CVE-2006-5108 involves multiple cross-site scripting (XSS) vulnerabilities in Devellion CubeCart 2.0.x . The issue allows remote attackers to inject arbitrary web script or HTML via numerous parameters across several files, including: (1) order_id in admin/print_order.php and view_order.php; (2) ...