Lucene search
K

5 matches found

OSV
OSV
added 2020/09/03 2:15 p.m.10 views

CVE-2020-12058

Several XSS vulnerabilities in osCommerce CE Phoenix before 1.0.6.0 allow an attacker to inject and execute arbitrary JavaScript code. The malicious code can be injected as follows: the page parameter to catalog/admin/orderstatus.php, catalog/admin/taxrates.php, catalog/admin/languages.php,...

6.1CVSS6.6AI score
Exploits0References3
Prion
Prion
added 2015/05/20 6:59 p.m.22 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the admin panel in osCMax before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the 1 username parameter in a process action to admin/login.php; 2 pageTitle, 3 currentproductid, or 4 cPath parameter to...

4.3CVSS6AI score0.02861EPSS
Exploits2References14Affected Software1
NVD
NVD
added 2015/01/13 3:59 p.m.19 views

CVE-2014-10033

SQL injection vulnerability in the updatezone function in catalog/admin/geozones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action...

6.5CVSS8.3AI score0.01798EPSS
Exploits1References5
Cvelist
Cvelist
added 2015/01/13 3:0 p.m.21 views

CVE-2014-10033

SQL injection vulnerability in the updatezone function in catalog/admin/geozones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action...

8.3AI score0.01798EPSS
Exploits1References5
0day.today
0day.today
added 2014/02/19 12:0 a.m.18 views

osCommerce v2.x SQL Injection Vulnerability

Exploit for php platform in category web applications Title: osCommerce v2.x SQL Injection Vulnerability Dork: Powered by osCommerce Author: Ahmed Aboul-Ela Contact: ahmed.aboul3laatgmaildotcom - http://twitter.com/secgeek Vendor : http://www.oscommerce.com Version: v2.3.3.4 current latest releas...

7.1AI score
Exploits0
Rows per page
Query Builder