Lucene search
K

638 matches found

CVE
CVE
added 2008/10/10 6:0 p.m.72 views

CVE-2008-4535

EC-CUBE has multiple cross-site scripting (XSS) vulnerabilities documented as CVE-2008-4535, CVE-2008-4536, and CVE-2008-4537. Affected versions span EC-CUBE Ver1 and Ver2 lineups (including Community Edition Nightly-Builds up to specified revisions and beta RCs). The descriptions indicate that r...

4.3CVSS5.5AI score0.01223EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2008/10/10 6:0 p.m.57 views

CVE-2008-4537

CVE-2008-4537 is an XSS vulnerability reported in EC-CUBE across multiple editions (e.g., Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.1.1-beta and earlier, Community Edition 1.3.4 and earlier, and Nightly-Build r17336 and earlier). The vulner...

4.3CVSS5.5AI score0.01223EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2008/10/10 6:0 p.m.24 views

CVE-2008-4537

Cross-site scripting XSS vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 BetaRC 2.1.1-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17336 and earlier allows remote attackers to inject...

5.5AI score0.01223EPSS
Exploits0References6
CVE
CVE
added 2008/10/10 6:0 p.m.48 views

CVE-2008-4536

EC-CUBE is affected by a cross-site scripting (XSS) vulnerability in multiple releases: Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.2.0-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17319/r17623 (...

4.3CVSS5.7AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/10/10 6:0 p.m.25 views

CVE-2008-4536

Cross-site scripting XSS vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 BetaRC 2.2.0-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17319 and earlier allows remote attackers to inject...

5.5AI score0.01065EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:32 a.m.2 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a cross-site scripting vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN36085487, a...

4.3CVSS6.2AI score0.01223EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:32 a.m.3 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a cross-site scripting vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, a...

4.3CVSS6.2AI score0.01065EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:31 a.m.2 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a cross-site scripting vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, a...

4.3CVSS6.2AI score0.01223EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:31 a.m.3 views

EC-CUBE vulnerable to SQL injection

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a SQL injection vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a SQL injection vulnerability. Impact An remote attacker could obtain the website administrator's privilege...

7.5CVSS8AI score0.01258EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.27 views

JVN#36085487 EC-CUBE cross-site scripting vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, and JVN99916563. Impact An arbitrary script could be executed on the user's web browser...

4.3CVSS5.7AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.37 views

JVN#81111541 EC-CUBE vulnerable to SQL injection

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a SQL injection vulnerability. Impact A remote attacker could obtain the website administrator's privilege which was created using EC-CUBE. Solution Update the Software Apply the latest updates...

7.5CVSS7.4AI score0.01258EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.30 views

JVN#26621646 EC-CUBE cross-site scripting vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN36085487, and JVN99916563. Impact An arbitrary script could be executed on the user's web browser...

4.3CVSS5.7AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.31 views

JVN#99916563 EC-CUBE cross-site scripting vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, and JVN36085487. Impact An arbitrary script could be executed on the user's web browser...

4.3CVSS5.7AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.3 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE, an open source system for creating shopping websites, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, session hijacking could be conducted. Solution None...

4.3CVSS6.1AI score0.01262EPSS
Exploits0References12
NVD
NVD
added 2006/11/26 10:7 p.m.13 views

CVE-2006-6108

Cross-site scripting XSS vulnerability in EC-CUBE before 1.0.1a-beta allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

4.3CVSS5.7AI score0.01262EPSS
Exploits0References6
Cvelist
Cvelist
added 2006/11/26 10:0 p.m.20 views

CVE-2006-6108

Cross-site scripting XSS vulnerability in EC-CUBE before 1.0.1a-beta allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

5.7AI score0.01262EPSS
Exploits0References6
CVE
CVE
added 2006/11/26 10:0 p.m.47 views

CVE-2006-6108

CVE-2006-6108 affects EC-CUBE prior to 1.0.1a-beta. It is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. The vulnerability can cause browsers to execute injected scripts, which could lead to user data expo...

4.3CVSS5.9AI score0.01262EPSS
Exploits0References6Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/11/17 12:0 a.m.24 views

JVN#61543834 EC-CUBE cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, session hijacking could be conducted. Solution Products Affected EC-CUBE v1.0.0 and earlier For more information, refer to the vendor's website...

6.9AI score
Exploits0
Rows per page
Query Builder