10 matches found
EUVD-2016-2258
Malware in sbrugna...
cuore-beauty.co.jp Cross Site Scripting vulnerability OBB-3352219
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
enoteca.ilcuoredellemarche.it Cross Site Scripting vulnerability OBB-1255357
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Cuore EC-CUBE Help plug-in SQL Injection Vulnerability
Cuore EC-CUBE Help plug-in is a Japan Cuore company's use in EC-CUBE open source e-commerce site building platform and provide help function plug-in. A SQL injection vulnerability exists in the Cuore EC-CUBE Help plug-in, which allows remote attackers to execute arbitrary SQL commands via...
CVE-2016-1154
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-1154
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-1154
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-1154
Cuore EC-CUBE Help plug-in (version 1.3.5 and earlier) contains an SQL injection (CWE-89) vulnerability. Remote attackers can execute arbitrary SQL via unspecified vectors, potentially exposing or altering database information. The affected component is the Help plug-in for EC-CUBE created by Cuo...
JVN#31524757: EC-CUBE plugin "Help plug-in" vulnerable to SQL injection
EC-CUBE plugin "Help plug-in" provided by Cuore contains an SQL injection vulnerability CWE-89. Impact Information stored in the database may be obtained or altered by a remote attacker. Solution Update the plugin Update to the latest version according to the information provided by the developer...