4 matches found
CVE-2012-1665
CVE-2012-1665 affects osCMax prior to v2.5.1 with multiple SQL injection flaws in the admin panel. The vulnerabilities allow remote attackers to inject SQL via: (1) username in admin/login.php, (2) status in admin/stats_monthly_sales.php, and (3) country in admin/create_account_process.php. These...
Multiple vulnerabilities in osCmax
Advisory ID: HTB23081 Product: osCmax Vendor: osCMax.com Vulnerable Versions: 2.5.0 and probably prior Tested Version: 2.5.0 Vendor Notification: 14 March 2012 Vendor Patch: 30 March 2012 Public Disclosure: 4 April 2012 Vulnerability Type: Cross-Site Scripting XSS, SQL Injection CVE References:...
osCmax 2.5.0 Cross Site Scripting / SQL Injection
Advisory ID: HTB23081 Product: osCmax Vendor: osCMax.com Vulnerable Versions: 2.5.0 and probably prior Tested Version: 2.5.0 Vendor Notification: 14 March 2012 Vendor Patch: 30 March 2012 Public Disclosure: 4 April 2012 Vulnerability Type: Cross-Site Scripting XSS, SQL Injection CVE References:...
CVE-2012-1665
creationtimestamp| type| source ---|---|--- 2012-04-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37047 2012-04-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37048...