CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php...

4.3CVSS6AI score0.00263EPSS

Exploits1References1

CNVD•added 2015/03/05 12:0 a.m.•2 views

DLGuard 'index.php' Information Disclosure Vulnerability

DLGuard is a secure, automated online sales website software designed for Internet businesses. The software offers multiple payment options, secure download links and pages, customer tracking and reporting, and more. An information disclosure vulnerability exists in DLGuard that originates from t...

5CVSS6.4AI score0.00283EPSS

Exploits0References1

NVD•added 2015/03/04 8:59 p.m.•8 views

CVE-2015-2209

DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php...

5CVSS6.6AI score0.00283EPSS

Exploits0References3

Prion•added 2015/03/04 8:59 p.m.•10 views

Design/Logic Flaw

DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php...

5CVSS7.2AI score0.00283EPSS

Exploits0References3Affected Software1

CVE•added 2015/03/04 8:0 p.m.•37 views

CVE-2015-2209

CVE-2015-2209 affects DLGuard 4.5. Affected component: index.php parameter handling. The vulnerability arises from insufficient input filtering, allowing remote attackers to disclose the installation path via the c parameter to index.php (information disclosure). Reported in several sources (NVD/...

5CVSS6.8AI score0.00283EPSS

Exploits0References3Affected Software1

Cvelist•added 2015/03/04 8:0 p.m.•16 views

CVE-2015-2209

DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php...

6.6AI score0.00283EPSS

Exploits0References3

CNVD•added 2015/02/28 12:0 a.m.•1 views

DLGuard SQL Injection Vulnerability

DLGuard is a complete sales and customer management system used to protect and streamline online business. A SQL injection vulnerability exists in DLGuard version 4.5, which stems from the index.php script failing to adequately filter the 'c' parameter. A remote attacker can exploit this...

7.5CVSS8.5AI score0.00397EPSS

Exploits0References1

CNVD•added 2015/02/28 12:0 a.m.•1 views

DLGuard Cross-Site Scripting Vulnerability

DLGuard is a complete sales and customer management system used to protect and streamline online business. A cross-site scripting vulnerability exists in DLGuard. A remote attacker can leverage the 'page', 'c' or 'redirect' parameters in the index.php script or the main page's 'search' field...

4.3CVSS6.2AI score0.00285EPSS

Exploits0References1

Prion•added 2015/02/24 5:59 p.m.•9 views

Sql injection

SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php...

7.5CVSS9.1AI score0.00397EPSS

Exploits0References4Affected Software1

NVD•added 2015/02/24 5:59 p.m.•8 views

CVE-2015-2064

Multiple cross-site scripting XSS vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the 1 page, 2 c, or 3 redirect parameter to index.php or 4 search field searchTerm parameter in the main page...

4.3CVSS5.8AI score0.00285EPSS

Exploits0References4

Cvelist•added 2015/02/24 5:0 p.m.•16 views

CVE-2015-2064

5.8AI score0.00285EPSS

Exploits0References4

CVE•added 2015/02/24 5:0 p.m.•35 views

CVE-2015-2064

CVE-2015-2064 affects DLGuard (versions 4.5, 4.6, and 5). The vulnerability is a cross-site scripting (XSS) flaw in the main page where user-supplied input from the following can be injected as script or HTML: (1) page, (2) c, (3) redirect parameters in index.php, and (4) searchTerm in the main p...

4.3CVSS5.9AI score0.00285EPSS

Exploits0References4Affected Software1

CVE•added 2015/02/24 5:0 p.m.•29 views

CVE-2015-2066

CVE-2015-2066 affects DLGuard 4.5. A SQL injection flaw in index.php via the c parameter allows remote attackers to execute arbitrary SQL commands; exploitation details are provided by CNVD/CVE records, but no patch or mitigation is specified in the supplied documents.

7.5CVSS8.7AI score0.00397EPSS

Exploits0References4Affected Software1

Cvelist•added 2015/02/24 5:0 p.m.•15 views

CVE-2015-2066

SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php...

8.4AI score0.00397EPSS

Exploits0References4

Packet Storm•added 2015/02/18 12:0 a.m.•32 views

DLGuard 4.5 SQL Injection

DLGuard SQL Injection Security Vulnerabilities Exploit Title: DLGuard /index.php c parameter SQL Injection Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: Feb 18, 2015 Latest Update: Feb 18, 2015 Vulnerability Type:...

7.4AI score

Exploits0

Packet Storm•added 2015/02/18 12:0 a.m.•24 views

DLGuard 4.5 Path Disclosure

DLGuard Full Path Disclosure Information Leakage Security Vulnerabilities Exploit Title: DLGuard /index.php c parameter Full Path Disclosure Security Vulnerabilities Product: DLGuard Vendor: DLGuard Vulnerable Versions: v4.5 Tested Version: v4.5 Advisory Publication: Feb 18, 2015 Latest Update: F...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by