Lucene search
K

70 matches found

CVE
CVE
added 2006/10/18 7:0 p.m.50 views

CVE-2006-5392

OpenDock FullCore 4.4 and earlier are affected by multiple PHP remote file inclusion vulnerabilities. An attacker can cause arbitrary PHP code execution by supplying a URL in the doc_directory parameter across numerous scripts (sw/index_sw.php; sw/lib_cart/; sw/lib_comment/ ; sw/lib_find/find.php...

7.5CVSS8.1AI score0.09675EPSS
Exploits1References15Affected Software1
CVE
CVE
added 2006/10/04 12:0 a.m.36 views

CVE-2006-5164

CVE-2006-5164 affects Sum Effect Software digiSHOP 4.0. Vulnerable component: cart.php. Type: cross-site scripting (XSS). Vectors: remote attackers can craft requests using the (1) sortBy or (2) search parameters to inject arbitrary web script/HTML. Impact: potential script execution in the victi...

6.8CVSS6AI score0.02106EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2006/05/04 12:38 p.m.11 views

Sql injection

Multiple SQL injection vulnerabilities in Avactis Shopping Cart 0.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 categoryid parameter in a storespecialoffers.php and b store.php, and 2 prodid parameter in c cart.php and d productinfo.php. NOTE: this issue also...

7.5CVSS9.2AI score0.01337EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2006/03/23 11:6 a.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2 allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 type, or 3 show parameter to a index.php; or the 4 message1 or 5 message parameter to b cart.php...

7.5CVSS8.9AI score0.01299EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2006/03/23 11:0 a.m.41 views

CVE-2006-1360

CVE-2006-1360 describes multiple SQL injection vulnerabilities in MusicBox 2.3 Beta 2. Attack via parameters (id, type, show to index.php; message1 or message to cart.php) can allow remote attackers to execute arbitrary SQL commands. The description specifies the vulnerable inputs but does not pr...

7.5CVSS8.4AI score0.01299EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2006/03/22 1:2 a.m.11 views

CVE-2006-1349

Multiple cross-site scripting XSS vulnerabilities in Musicbox 2.3 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the 1 id and 2 type and 3 show parameters in a top action in a index.php; and the 4 message1 parameter in b cart.php...

4.3CVSS5.7AI score0.01981EPSS
Exploits1References7
Prion
Prion
added 2006/03/22 1:2 a.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Musicbox 2.3 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the 1 id and 2 type and 3 show parameters in a top action in a index.php; and the 4 message1 parameter in b cart.php...

4.3CVSS5.9AI score0.01981EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/03/22 1:0 a.m.15 views

CVE-2006-1349

Multiple cross-site scripting XSS vulnerabilities in Musicbox 2.3 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the 1 id and 2 type and 3 show parameters in a top action in a index.php; and the 4 message1 parameter in b cart.php...

5.7AI score0.01981EPSS
Exploits1References7
CVE
CVE
added 2006/01/04 11:0 a.m.50 views

CVE-2005-4614

Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters. Affected: digiSHOP 3.1.17 and earlier. Impact: pote...

7.5CVSS8.6AI score0.01465EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2005/04/09 4:0 a.m.34 views

CVE-2005-1032

This CVE entry is rejected/not used; it does not represent an active vulnerability.

6.6AI score
Exploits0
Rows per page
Query Builder