Lucene search
K

92 matches found

seebug.org
seebug.org
added 2014/01/13 12:0 a.m.67 views

Open Web Analytics 'owa_email_address'参数SQL注入漏洞

BUGTRAQ ID: 64774 CVECAN ID: CVE-2014-1206 Open Web Analytics是一个开源的网站流量统计系统。 Open Web Analytics 1.5.4及更早版本没有正确过滤index.php的"owaemailaddress"参数("owado"设置为"base.passwordResetForm","owaaction"设置为"base.passwordResetRequest"),在实现上存在安全漏洞,可导致注入任意SQL代码。 0 Open Web Analytics Open Web Analytics = 1.5.4 Open...

7.5CVSS6.4AI score0.02495EPSS
Exploits7
NVD
NVD
added 2010/07/08 10:30 p.m.11 views

CVE-2010-2676

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics OWA 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the 1 owaaction and 2 owado parameters...

5CVSS6.9AI score0.02862EPSS
Exploits1References5
NVD
NVD
added 2010/07/08 10:30 p.m.11 views

CVE-2010-2677

PHP remote file inclusion vulnerability in mwplugin.php in Open Web Analytics OWA 1.2.3, when magicquotesgpc is disabled and registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. NOTE: some of these details are obtained from third party...

5.1CVSS7.6AI score0.02687EPSS
Exploits1References7
Prion
Prion
added 2010/07/08 10:30 p.m.10 views

Directory traversal

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics OWA 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the 1 owaaction and 2 owado parameters...

5CVSS7.5AI score0.02862EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2010/07/08 10:30 p.m.13 views

Remote file inclusion

PHP remote file inclusion vulnerability in mwplugin.php in Open Web Analytics OWA 1.2.3, when magicquotesgpc is disabled and registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. NOTE: some of these details are obtained from third party...

5.1CVSS8.1AI score0.02687EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2010/07/08 10:0 p.m.15 views

CVE-2010-2677

PHP remote file inclusion vulnerability in mwplugin.php in Open Web Analytics OWA 1.2.3, when magicquotesgpc is disabled and registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. NOTE: some of these details are obtained from third party...

7.6AI score0.02687EPSS
Exploits1References7
Cvelist
Cvelist
added 2010/07/08 10:0 p.m.16 views

CVE-2010-2676

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics OWA 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the 1 owaaction and 2 owado parameters...

6.9AI score0.02862EPSS
Exploits1References5
CVE
CVE
added 2010/07/08 10:0 p.m.53 views

CVE-2010-2677

Open Web Analytics (OWA) 1.2.3 is affected by a PHP remote file inclusion due to mw_plugin.php, where enabling register_globals and disabling magic_quotes_gpc allows an attacker to execute arbitrary PHP code via a URL in the IP parameter. The root cause is improper handling of user input in the R...

5.1CVSS7.8AI score0.02687EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2010/07/08 10:0 p.m.48 views

CVE-2010-2676

Open Web Analytics (OWA) 1.2.3 is affected by multiple directory traversal flaws in index.php, exploitable via the owa_action and owa_do parameters. The underlying issue allows remote attackers to read arbitrary files, as described in CVE-2010-2676. Attack surface is network-exposed and does not ...

5CVSS7.1AI score0.02862EPSS
Exploits1References5Affected Software1
Packet Storm
Packet Storm
added 2010/03/28 12:0 a.m.34 views

Open Web Analytics 1.2.3 Local / Remote File Inclusion

=========================================================================== Topic : Open Web Analytics 1.2.3 Bug type : multi file include Download : http://downloads.openwebanalytics.com/owa/owa123.tar Advisory : =========================================================================== Author ...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/03/27 12:0 a.m.22 views

Open Web Analytics 1.2.3 multi file include

Exploit for php platform in category web applications =========================================== Open Web Analytics 1.2.3 multi file include =========================================== =========================================================================== Topic : Open Web Analytics 1.2.3 Bu...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/03/27 12:0 a.m.18 views

Open Web Analytics 1.2.3 - Multiple File Inclusions

Open Web Analytics 1.2.3 - Multiple File Inclusions =========================================================================== Topic : Open Web Analytics 1.2.3 Bug type : multi file include Download : http://downloads.openwebanalytics.com/owa/owa123.tar Advisory :...

0.3AI score
Exploits0
Rows per page
Query Builder