Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2006/03/09 1:6 p.m.13 views

CVE-2006-1098

Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the 1 informationID or 2 ParentCategory parameter to index.php. NOTE: the vendor has disputed this issue in a comment on the researcher's blog, but research by CVE suggests that thi...

7.5CVSS8.4AI score0.01493EPSS
Exploits0References5
Cvelist
Cvelistadded 2006/03/09 11:0 a.m.11 views

CVE-2006-1096

Cross-site scripting XSS vulnerability in index.php in NZ Ecommerce allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor has disputed this issue in a comment on the researcher's blog, but research by CVE suggests that this might be a legitimate...

5.7AI score0.00491EPSS
Exploits1References5
Cvelist
Cvelistadded 2006/03/09 11:0 a.m.14 views

CVE-2006-1098

Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the 1 informationID or 2 ParentCategory parameter to index.php. NOTE: the vendor has disputed this issue in a comment on the researcher's blog, but research by CVE suggests that thi...

8.4AI score0.01493EPSS
Exploits0References5
CVE
CVEadded 2006/03/09 11:0 a.m.37 views

CVE-2006-1096

CVE-2006-1096 affects NZ Ecommerce, specifically the XSS in index.php via the action parameter. The vulnerability is a stored/ reflected-type cross-site scripting issue that allows remote attackers to inject arbitrary script or HTML. The vendor’s dispute is noted in multiple sources; no concrete ...

4.3CVSS5.7AI score0.00491EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2006/03/09 11:0 a.m.35 views

CVE-2006-1098

NZ Ecommerce is affected by multiple SQL injection vulnerabilities exploitable via index.php with the informationID or ParentCategory parameters. The root cause is improper input handling that allows arbitrary SQL execution. Impact is remote compromise of the database as described in sources; exp...

7.5CVSS8.5AI score0.01493EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologiesadded 2006/03/09 12:0 a.m.1 views

PT-2006-2123 · Nz · Nz Ecommerce

Name of the Vulnerable Software and Affected Versions: NZ Ecommerce affected versions not specified Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the action parameter in index.php. The vendor has disputed this issue, but research...

4.3CVSS5.9AI score0.00491EPSS
Exploits1References7
Exploit DB
Exploit DBadded 2006/03/02 12:0 a.m.23 views

NZ eCommerce System - 'index.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/16931/info NZ Ecommerce is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. A successful exploit could allow an attacker to compromise the application, access o...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2006/03/02 12:0 a.m.10 views

NZ eCommerce System - index.php Multiple SQL Injections

NZ eCommerce System - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/16931/info NZ Ecommerce is prone to multiple input-validation vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. A successful exploit could...

0.1AI score
Exploits0
Rows per page
Query Builder