CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Cvelist•added 2007/05/09 12:0 a.m.•23 views

CVE-2007-2532

Multiple cross-site scripting XSS vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO query string to 1 sendmail.php or 2 orderform.php, different vectors than CVE-2006-6734...

5.6AI score0.03725EPSS

Exploits1References6

CVE•added 2007/05/09 12:0 a.m.•37 views

CVE-2007-2532

CVE-2007-2532 concerns Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c. It describes multiple XSS vulnerabilities reachable via PATH_INFO to sendmail.php or order_form.php, and via the catname parameter in modules/viewcategory.php (a different vector than CVE-2006-6734). Root cause appears to ...

4.3CVSS5.7AI score0.03725EPSS

Exploits1References6Affected Software1

CVE•added 2006/12/26 11:0 p.m.•40 views

CVE-2006-6735

The CVE-2006-6735 entry concerns Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c. The vulnerability allows remote attackers to obtain sensitive information by issuing a request with an arbitrary catname parameter and without an itemsdb parameter, causing an error message that reveals a file pa...

5CVSS6.7AI score0.01513EPSS

Exploits1References4Affected Software1

Cvelist•added 2006/12/26 11:0 p.m.•17 views

CVE-2006-6734

Cross-site scripting XSS vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname parameter...

5.6AI score0.01734EPSS

Exploits1References6

Cvelist•added 2006/12/26 11:0 p.m.•15 views

CVE-2006-6735

modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this erro...

6.3AI score0.01513EPSS

Exploits1References4

CVE•added 2006/12/26 11:0 p.m.•45 views

CVE-2006-6734

CVE-2006-6734 describes a cross-site scripting (XSS) vulnerability in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c. The issue allows remote attackers to inject arbitrary web script or HTML via the catname parameter to modules/viewcategory.php. Connected records corroborate the same product ...

4.3CVSS5.6AI score0.01734EPSS

Exploits1References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by