30 matches found
EUVD-2014-5003
Malware in sbrugna...
EUVD-2014-5002
Malware in sbrugna...
CVE-2014-5105
Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...
CVE-2014-5104
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...
CVE-2014-5104
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...
CVE-2014-5105
Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...
Sql injection
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...
CVE-2014-5105
The CVE-2014-5105 entry concerns OL-Commerce 2.1.1 with two reflected XSS vectors: (1) a_country in process action to affiliate_signup.php and (2) entry_country_id in edit action to admin/create_account.php. The underlying issue is cross-site scripting due to unsanitized input in these parameters...
CVE-2014-5104
CVE-2014-5104 affects ol-commerce 2.1.1 and involves multiple SQL injection vulnerabilities in PHP scripts: affiliate_signup.php (a_country), affiliate_show_banner.php (affiliate_banner_id), create_account.php (country), and admin/create_account.php (entry_country_id). The root cause is improper ...
CVE-2014-5105
Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...
CVE-2014-5104
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...
OL-Commerce 2.1.1 Cross Site Scripting / SQL Injection Vulnerabilities
OL-Commerce version 2.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities. OL-Commerce v2.1.1 - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : email protected , email protected .:...
OL-Commerce 2.1.1 Cross Site Scripting / SQL Injection
OL-Commerce v2.1.1 - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
OL-Commerce - OL-Commercecreate_account.php?country SQL Injection
OL-Commerce - OL-Commercecreateaccount.php?country SQL Injection source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...
Fonality trixbox - 'index.php' Directory Traversal
source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...
Fonality trixbox - 'endpointcfg.php' Directory Traversal
source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...
OL-Commerce - '/OL-Commerce/affiliate_signup.php?a_country' SQL Injection
source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...
OL-Commerce - '/OL-Commerce/create_account.php?country' SQL Injection
source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...
Fonality trixbox - endpointcfg.php Directory Traversal
Fonality trixbox - endpointcfg.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...