Lucene search
K

16 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

ObieWebsite Mini Web Shop 2 order_form.php PATH_INFO Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

ObieWebsite Mini Web Shop 2 sendmail.php PATH_INFO Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

7.1AI score
Exploits0
CVE
CVE
added 2007/05/09 12:0 a.m.40 views

CVE-2007-2532

CVE-2007-2532 concerns Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c. It describes multiple XSS vulnerabilities reachable via PATH_INFO to sendmail.php or order_form.php, and via the catname parameter in modules/viewcategory.php (a different vector than CVE-2006-6734). Root cause appears to ...

4.3CVSS5.7AI score0.03725EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2007/05/09 12:0 a.m.25 views

CVE-2007-2532

Multiple cross-site scripting XSS vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO query string to 1 sendmail.php or 2 orderform.php, different vectors than CVE-2006-6734...

5.6AI score0.03725EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2007/05/08 12:0 a.m.21 views

miniwebshop2-xss.txt

-=--------------------ADVISORY-------------------=- Mini Web Shop V.2 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Mini Web Shop -=+ Version: 2 -=+ Vendor's URL: http://obiewebsite.sourceforge.net/o.php?MiniWebShop -=+ Platform:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/05/02 12:0 a.m.13 views

ObieWebsite Mini Web Shop 2 - order_form.php?PATH_INFO Cross-Site Scripting

ObieWebsite Mini Web Shop 2 - orderform.php?PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploi...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2007/05/02 12:0 a.m.14 views

ObieWebsite Mini Web Shop 2 - Sendmail.php?PATH_INFO Cross-Site Scripting

ObieWebsite Mini Web Shop 2 - Sendmail.php?PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/05/02 12:0 a.m.25 views

ObieWebsite Mini Web Shop 2 - 'Sendmail.php?PATH_INFO' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/05/02 12:0 a.m.24 views

ObieWebsite Mini Web Shop 2 - 'order_form.php?PATH_INFO' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch...

7.4AI score
Exploits0
NVD
NVD
added 2006/12/26 11:28 p.m.15 views

CVE-2006-6734

Cross-site scripting XSS vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname parameter...

4.3CVSS5.6AI score0.01734EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/12/26 11:0 p.m.17 views

CVE-2006-6735

modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this erro...

6.3AI score0.01513EPSS
Exploits1References4
CVE
CVE
added 2006/12/26 11:0 p.m.47 views

CVE-2006-6734

CVE-2006-6734 describes a cross-site scripting (XSS) vulnerability in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c. The issue allows remote attackers to inject arbitrary web script or HTML via the catname parameter to modules/viewcategory.php. Connected records corroborate the same product ...

4.3CVSS5.6AI score0.01734EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2006/12/26 11:0 p.m.41 views

CVE-2006-6735

The CVE-2006-6735 entry concerns Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c. The vulnerability allows remote attackers to obtain sensitive information by issuing a request with an arbitrary catname parameter and without an itemsdb parameter, causing an error message that reveals a file pa...

5CVSS6.7AI score0.01513EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2006/12/22 12:0 a.m.24 views

miniwebshop-xss.txt

Hello Vulnerable : MINI WEB SHOP Version: 2.1.c web : http://ObieWebsite.SourceForge.net I Found some bugs XSS & Full Path Disclosure in MINI WEB SHOP XSS : http://example.com/miniwebshop/modules/viewcategory.php?catname='alertdocument.cookie Full Path Disclosure :...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/12/20 12:0 a.m.51 views

Multiple Bugs in MINI WEB SHOP

Hello Vulnerable : MINI WEB SHOP Version: 2.1.c web : http://ObieWebsite.SourceForge.net I Found some bugs XSS & Full Path Disclosure in MINI WEB SHOP XSS : http://example.com/miniwebshop/modules/viewcategory.php?catname='scriptalertdocument.cookie/script Full Path Disclosure :...

6.3AI score
Exploits0
exploitpack
exploitpack
added 2006/12/19 12:0 a.m.13 views

Mini Web Shop 2.1.c - view.php?Viewcategory.php Cross-Site Scripting

Mini Web Shop 2.1.c - view.php?Viewcategory.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21677/info Mini Web Shop is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to...

6.8AI score
Exploits0
Rows per page
Query Builder