Lucene search
+L

1263 matches found

NVD
NVD
added 2008/10/10 6:13 p.m.30 views

CVE-2008-4537

Cross-site scripting XSS vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 BetaRC 2.1.1-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17336 and earlier allows remote attackers to inject...

4.3CVSS5.5AI score0.01223EPSS
Exploits0References6
CVE
CVE
added 2008/10/10 6:0 p.m.45 views

CVE-2008-4534

EC-CUBE contains a SQL injection vulnerability in Version 2.x (2.1.2a and earlier, and 2.x RC 2.3.0-rc1 and earlier). The root cause is unsafeguarded SQL construction via unspecified vectors, allowing remote attackers to execute arbitrary SQL commands. Impact described includes potential elevatio...

7.5CVSS8.4AI score0.01258EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2008/10/10 6:0 p.m.59 views

CVE-2008-4537

CVE-2008-4537 is an XSS vulnerability reported in EC-CUBE across multiple editions (e.g., Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.1.1-beta and earlier, Community Edition 1.3.4 and earlier, and Nightly-Build r17336 and earlier). The vulner...

4.3CVSS5.5AI score0.01223EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2008/10/10 6:0 p.m.74 views

CVE-2008-4535

EC-CUBE has multiple cross-site scripting (XSS) vulnerabilities documented as CVE-2008-4535, CVE-2008-4536, and CVE-2008-4537. Affected versions span EC-CUBE Ver1 and Ver2 lineups (including Community Edition Nightly-Builds up to specified revisions and beta RCs). The descriptions indicate that r...

4.3CVSS5.5AI score0.01223EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2008/10/10 6:0 p.m.50 views

CVE-2008-4536

EC-CUBE is affected by a cross-site scripting (XSS) vulnerability in multiple releases: Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.2.0-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17319/r17623 (...

4.3CVSS5.7AI score0.01065EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/10/10 6:0 p.m.26 views

CVE-2008-4536

Cross-site scripting XSS vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 BetaRC 2.2.0-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17319 and earlier allows remote attackers to inject...

5.5AI score0.01065EPSS
Exploits0References5
Cvelist
Cvelist
added 2008/10/10 6:0 p.m.25 views

CVE-2008-4535

Cross-site scripting XSS vulnerability in EC-CUBE Ver2 2.1.2a and earlier, EC-CUBE Ver2 BetaRC 2.2.0-beta and earlier, and EC-CUBE Community Edition Nighly-Build r17623 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than...

5.5AI score0.01223EPSS
Exploits0References6
Cvelist
Cvelist
added 2008/10/10 6:0 p.m.26 views

CVE-2008-4537

Cross-site scripting XSS vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 BetaRC 2.1.1-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17336 and earlier allows remote attackers to inject...

5.5AI score0.01223EPSS
Exploits0References6
Cvelist
Cvelist
added 2008/10/10 6:0 p.m.21 views

CVE-2008-4534

SQL injection vulnerability in EC-CUBE Ver2 2.1.2a and earlier, and Ver2 RC 2.3.0-rc1 and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.01258EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:32 a.m.4 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a cross-site scripting vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN36085487, a...

4.3CVSS6.2AI score0.01223EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:32 a.m.5 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a cross-site scripting vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, a...

4.3CVSS6.2AI score0.01065EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:31 a.m.5 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a cross-site scripting vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, a...

4.3CVSS6.2AI score0.01223EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 7:31 a.m.5 views

EC-CUBE vulnerable to SQL injection

Overview EC-CUBE provided by LOCKON CO.,LTD. contains a SQL injection vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a SQL injection vulnerability. Impact An remote attacker could obtain the website administrator's privilege...

7.5CVSS8AI score0.01258EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.31 views

JVN#26621646 EC-CUBE cross-site scripting vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN36085487, and JVN99916563. Impact An arbitrary script could be executed on the user's web browser...

4.3CVSS5.7AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.27 views

JVN#36085487 EC-CUBE cross-site scripting vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, and JVN99916563. Impact An arbitrary script could be executed on the user's web browser...

4.3CVSS5.7AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.38 views

JVN#81111541 EC-CUBE vulnerable to SQL injection

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a SQL injection vulnerability. Impact A remote attacker could obtain the website administrator's privilege which was created using EC-CUBE. Solution Update the Software Apply the latest updates...

7.5CVSS7.4AI score0.01258EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/10/01 12:0 a.m.32 views

JVN#99916563 EC-CUBE cross-site scripting vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. This vulnerability is different from JVN61543834, JVN26621646, and JVN36085487. Impact An arbitrary script could be executed on the user's web browser...

4.3CVSS5.7AI score0.01223EPSS
Exploits0
xssed
xssed
added 2008/06/19 12:0 a.m.11 views

Unfixed XSS vulnerability at www.ec-securehost.com

Security researcher fallingmidget, has submitted on 19/06/2008 a cross-site-scripting XSS vulnerability affecting www.ec-securehost.com, which at the time of submission ranked 325136 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2008. I...

Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.5 views

EC-CUBE cross-site scripting vulnerability

Overview EC-CUBE, an open source system for creating shopping websites, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, session hijacking could be conducted. Solution None...

4.3CVSS6.1AI score0.01262EPSS
Exploits0References12
NVD
NVD
added 2006/11/26 10:7 p.m.15 views

CVE-2006-6108

Cross-site scripting XSS vulnerability in EC-CUBE before 1.0.1a-beta allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

4.3CVSS5.7AI score0.01262EPSS
Exploits0References6
Rows per page
Query Builder