Lucene search
K

854 matches found

NVD
NVD
added 2007/03/20 10:19 a.m.11 views

CVE-2006-7171

productreview.php in Koan Software Mega Mall allows remote attackers to obtain the installation path via a request with an empty value of the x parameter...

5CVSS6.5AI score0.0106EPSS
Exploits0References2
NVD
NVD
added 2007/03/20 10:19 a.m.13 views

CVE-2006-7170

Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the 1 t, 2 productId, 3 sk, 4 x, or 5 so parameter to a productreview.php; or the 6 orderNo parameter to b order-track.php...

7.5CVSS8.5AI score0.0128EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/03/20 10:0 a.m.15 views

CVE-2006-7171

productreview.php in Koan Software Mega Mall allows remote attackers to obtain the installation path via a request with an empty value of the x parameter...

6.5AI score0.0106EPSS
Exploits0References2
Cvelist
Cvelist
added 2007/03/20 10:0 a.m.16 views

CVE-2006-7170

Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the 1 t, 2 productId, 3 sk, 4 x, or 5 so parameter to a productreview.php; or the 6 orderNo parameter to b order-track.php...

8.5AI score0.0128EPSS
Exploits0References3
CVE
CVE
added 2007/03/20 10:0 a.m.44 views

CVE-2006-7171

CVE-2006-7171 affects Koan Software Mega Mall. The vulnerability occurs in product_review.php, where remote attackers can cause disclosure of the installation path by sending a request with an empty value for the x[] parameter. The provided documents do not specify affected versions, root cause d...

5CVSS6.9AI score0.0106EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2007/03/20 10:0 a.m.38 views

CVE-2006-7170

CVE-2006-7170 describes multiple SQL injection vulnerabilities in Koan Software Mega Mall. The affected components are the PHP scripts (a) product_review.php via parameters t, productId, sk, x, or so, and (b) order-track.php via parameter orderNo. The root cause is unsafely concatenated SQL in th...

7.5CVSS8.9AI score0.0128EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2006/11/14 12:0 a.m.15 views

Mega Mall - order-track.php?orderNo SQL Injection

Mega Mall - order-track.php?orderNo SQL Injection source: https://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2006/11/14 12:0 a.m.24 views

megamallSQL.txt

vendor site: http://products.kaonsoftwares.com/ product: mega-mall bug:injection sql & full path disclosure language: asp risk: high injection sql get: http://site.com/mega-mall/productreview.php?t=sql http://site.com/mega-mall/productreview.php?t=0&productId=sql...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/11/14 12:0 a.m.123 views

Mega Mall [ multiples injection sql & full path disclosure ]

vendor site: http://products.kaonsoftwares.com/ product: mega-mall bug:injection sql & full path disclosure language: asp risk: high injection sql get: http://site.com/mega-mall/productreview.php?t=sql http://site.com/mega-mall/productreview.php?t=0&productId=sql...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/14 12:0 a.m.28 views

Mega Mall - 'order-track.php?orderNo' SQL Injection

source: https://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/14 12:0 a.m.18 views

Mega Mall - 'product_review.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/21072/info Megamail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/11/15 12:0 a.m.28 views

HP-UX PHNE_33790 : s700_800 11.00 r-commands cumulative mega-patch

s700800 11.00 r-commands cumulative mega-patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability hs been identified with HP-UX systems running in Trusted Mode. The vulnerability could be exploited remotely to gain unauthorized access. HPSBUX02072...

7.5CVSS5.5AI score0.04241EPSS
Exploits0References4
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2743

upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files...

6.4CVSS6.8AI score0.01449EPSS
Exploits0References7
securityvulns
securityvulns
added 2004/10/30 12:0 a.m.25 views

[SA12993] Mega Upload Unspecified "File List" Vulnerability

TITLE: Mega Upload Unspecified "File List" Vulnerability SECUNIA ADVISORY ID: SA12993 VERIFY ADVISORY: http://secunia.com/advisories/12993/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: Mega Upload 1.x http://secunia.com/product/4156/ DESCRIPTION: A vulnerability with...

1AI score
Exploits0
Rows per page
Query Builder