Lucene search
K

8 matches found

NVD
NVD
added 2014/07/28 3:55 p.m.20 views

CVE-2014-5105

Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...

4.3CVSS5.8AI score0.01427EPSS
Exploits1References2
Prion
Prion
added 2014/07/28 3:55 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...

7.5CVSS9.2AI score0.02144EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/07/28 3:55 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...

4.3CVSS6AI score0.01427EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/07/28 3:0 p.m.23 views

CVE-2014-5104

Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...

8.5AI score0.02144EPSS
Exploits1References2
Cvelist
Cvelist
added 2014/07/28 3:0 p.m.22 views

CVE-2014-5105

Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...

5.8AI score0.01427EPSS
Exploits1References2
exploitpack
exploitpack
added 2014/07/17 12:0 a.m.18 views

Fonality trixbox - index.php Remote Code Execution

Fonality trixbox - index.php Remote Code Execution source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...

Exploits0
exploitpack
exploitpack
added 2014/07/17 12:0 a.m.15 views

Fonality trixbox - endpointcfg.php Directory Traversal

Fonality trixbox - endpointcfg.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2014/07/17 12:0 a.m.22 views

Fonality trixbox - 'index.php' Remote Code Execution

source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...

7.4AI score
Exploits0
Rows per page
Query Builder