CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-2946

Malware in sbrugna...

7.5CVSS6.4AI score0.00387EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2002-0923

Malware in sbrugna...

7.5CVSS6.4AI score0.01402EPSS

Exploits0References4

CNVD•added 2015/10/10 12:0 a.m.•1 views

Vulnerability in Datalex airline booking software

Datalex airline booking software is a suite of software from Datalex Ireland that automatically connects to airline bookings. A security vulnerability exists in Datalex airline booking software updated prior to date 2015-09-03. A remote attacker can exploit the vulnerability to read or access...

7.5CVSS6.9AI score0.00387EPSS

Exploits0References1

NVD•added 2015/10/02 2:59 a.m.•17 views

CVE-2015-2858

Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to 1 ValidateFormAction.do or 2 ProfileConfirmEditAddressAction.do...

7.5CVSS6.7AI score0.00387EPSS

Exploits0References1

Prion•added 2015/10/02 2:59 a.m.•13 views

Code injection

7.5CVSS7.2AI score0.00387EPSS

Exploits0References1

Cvelist•added 2015/10/02 1:0 a.m.•18 views

CVE-2015-2858

6.7AI score0.00387EPSS

Exploits0References1

CVE•added 2015/10/02 1:0 a.m.•45 views

CVE-2015-2858

The CVE-2015-2858 issue affects the Datalex airline booking software (pre-2015-09-03) and stems from an authorization-check bypass in how the application processes the profileId parameter. By modifying profileId in POST requests to ValidateFormAction.do or ProfileConfirmEditAddressAction.do, an a...

7.5CVSS6.9AI score0.00387EPSS

Exploits0References1Affected Software1

CERT•added 2015/09/30 12:0 a.m.•147 views

Datalex airline booking software allowed authorization bypass for arbitrary users

Overview Datalex provides a suite of software offerings for the airline industry which supports a customizable flight browsing, booking, payment, and analytics. The Datalex airline booking software contained an error in its error handling routines which allows authorization bypass and loss of...

7.5CVSS6.7AI score0.00387EPSS

Exploits0References1

NVD•added 2002/10/04 4:0 a.m.•7 views

CVE-2002-0933

Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks...

7.5CVSS6.7AI score0.01402EPSS

Exploits0References3

CVE•added 2002/08/31 4:0 a.m.•35 views

CVE-2002-0933

CVE-2002-0933 affects Datalex PLC BookIt! Consumer prior to version 2.2. The issue stems from usernames/passwords being stored in plaintext in a cookie, enabling remote attackers to gain privileges through cross-site scripting or sniffing. The NVD metrics indicate partial impact to confidentialit...

7.5CVSS7AI score0.01402EPSS

Exploits0References3Affected Software1

Cvelist•added 2002/08/31 4:0 a.m.•13 views

CVE-2002-0933

Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks...

6.7AI score0.01402EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by