Lucene search
K

8 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

iScripts eSwap 2.0 - sqli and xss vulnerability

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2011/11/02 9:55 p.m.19 views

CVE-2010-5036

SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...

7.5CVSS8.4AI score0.01179EPSS
Exploits1References6
Prion
Prion
added 2011/11/02 9:55 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter aka the search field. NOTE: some of these details are obtained from third party information...

4.3CVSS6.2AI score0.01776EPSS
Exploits1References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2011/11/02 9:55 p.m.2 views

CVE-2010-5036

SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...

7.5CVSS6.4AI score0.01179EPSS
Exploits1References7
Prion
Prion
added 2011/11/02 9:55 p.m.13 views

Sql injection

SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...

7.5CVSS9.1AI score0.01179EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2011/11/02 9:0 p.m.38 views

CVE-2010-5035

CVE-2010-5035 is an XSS vulnerability in iScripts eSwap 2.0, affecting the search.php script via the txtHomeSearch parameter. The underlying issue is a failure to properly sanitize input, enabling remote attackers to inject arbitrary script/HTML through the search field. The NVD entry lists a CVS...

4.3CVSS5.9AI score0.01776EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2011/11/02 9:0 p.m.48 views

CVE-2010-5036

CVE-2010-5036 affects iScripts eSwap 2.0, where addsale.php is vulnerable to SQL injection via the type parameter. The vulnerability allows remote attackers to potentially manipulate the database, with a CVSSv2 base score of 7.5 (HIGH) and network-based, low-complexity conditions, authenticated a...

7.5CVSS8.7AI score0.01179EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2011/11/02 9:0 p.m.25 views

CVE-2010-5036

SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter...

8.4AI score0.01179EPSS
Exploits1References6
Rows per page
Query Builder