CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site request forgery CSRF vulnerability in cgi-bin/admin/setupedit.cgi in CosmoShop ePRO 10.05.00 allows remote attackers to hijack the authentication of administrators for requests that modify settings via a setup action...

6.8CVSS7.4AI score0.00121EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 1:55 a.m.•5 views

CVE-2011-5305

Multiple cross-site scripting XSS vulnerabilities in CosmoShop ePRO 10.05.00 allow remote attackers to inject arbitrary web script or HTML via 1 the rcopy parameter to cgi-bin/admin/rubrikadmin.cgi, 2 the typ parameter to cgi-bin/admin/artikeladmin.cgi, or 3 the suchbegriff parameter to...

4.3CVSS6AI score0.00225EPSS

Exploits1References1

NVD•added 2015/02/27 3:59 p.m.•9 views

CVE-2015-2103

Cross-site scripting XSS vulnerability in the admin-login panel admin/index.cgi in Cosmoshop allows remote attackers to inject arbitrary web script or HTML via the username field uname parameter...

4.3CVSS5.7AI score0.00318EPSS

Exploits1References2

Prion•added 2015/02/27 3:59 p.m.•8 views

Cross site scripting

Cross-site scripting XSS vulnerability in the admin-login panel admin/index.cgi in Cosmoshop allows remote attackers to inject arbitrary web script or HTML via the username field uname parameter...

4.3CVSS6.1AI score0.00318EPSS

Exploits1References2

ATTACKERKB•added 2015/02/27 3:59 p.m.•0 views

CVE-2015-2103

Cross-site scripting XSS vulnerability in the admin-login panel admin/index.cgi in Cosmoshop allows remote attackers to inject arbitrary web script or HTML via the username field uname parameter...

4.3CVSS5.7AI score0.00318EPSS

Exploits1References3

CVE•added 2015/02/27 3:0 p.m.•34 views

CVE-2015-2103

CVE-2015-2103 describes a Cross‑site Scripting (XSS) flaw in Cosmoshop’s admin-login panel (admin/index.cgi). The vulnerability allows remote attackers to inject arbitrary web script or HTML through the username field (u_name parameter). According to the NVD entry, the impact is partial integrity...

4.3CVSS5.9AI score0.00318EPSS

Exploits1References2Affected Software1

Cvelist•added 2015/02/27 3:0 p.m.•11 views

CVE-2015-2103

Cross-site scripting XSS vulnerability in the admin-login panel admin/index.cgi in Cosmoshop allows remote attackers to inject arbitrary web script or HTML via the username field uname parameter...

5.7AI score0.00318EPSS

Exploits1References2

securityvulns•added 2015/02/22 12:0 a.m.•161 views

Cosmoshop - XSS on Admin-Login Mask

author: l0om page: l0om.org date: 14.02.2015 Cosmoshop is a simple webshop designed for the german market. There is a simple XSS flaw at the admin-login panel in probably all cosmoshop versions. The admin login can be found at http://www.shop-site.de/cgi-bin/cosmoshop/admin/index.cgi This page wi...

0.1AI score

Exploits0

CNVD•added 2015/02/21 12:0 a.m.•1 views

Cosmoshop 'index.cgi' Cross-Site Scripting Vulnerability

Cosmoshop is an online store application. A cross-site scripting vulnerability exists in Cosmoshop 'index.cgi', which can be exploited by remote attackers to construct malicious URIs that can be tricked into being parsed by the user, which can be used to obtain sensitive cookies, hijack sessions,...

4.3CVSS6.3AI score0.00318EPSS

Exploits1References1

Packet Storm•added 2015/02/14 12:0 a.m.•29 views

Cosmoshop Cross Site Scripting

0.1AI score

Exploits0

CNVD•added 2015/01/08 12:0 a.m.•2 views

CosmoShop ePRO Cross-Site Request Forgery Vulnerability

CosmoShop ePRO is a cloud e-commerce system based on Magento. The system is able to quickly complete domain name setup, online store installation, server deployment and product launch. A cross-site request forgery vulnerability exists in CosmoShop ePRO 10.05.00, which allows remote attackers to...

6.8CVSS7.2AI score0.00121EPSS

Exploits1References1

CNVD•added 2015/01/08 12:0 a.m.•2 views

Multiple Cross-Site Scripting Vulnerabilities in CosmoShop ePRO

CosmoShop ePRO is a cloud e-commerce system based on Magento. The system is able to quickly complete domain name setup, online store installation, server deployment and product launch. CosmoShop ePRO suffers from multiple cross-site scripting vulnerabilities that can be exploited by remote...

4.3CVSS6.3AI score0.00225EPSS

Exploits1References1

NVD•added 2015/01/01 11:59 a.m.•9 views

CVE-2011-5306

6.8CVSS7AI score0.00121EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by