8 matches found
CVE-2014-5105
Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...
Sql injection
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...
CVE-2014-5104
Multiple SQL injection vulnerabilities in ol-commerce 2.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 acountry parameter in a process action to affiliatesignup.php, 2 affiliatebannerid parameter to affiliateshowbanner.php, 3 country parameter in a process action to...
CVE-2014-5105
Multiple cross-site scripting XSS vulnerabilities in ol-commerce 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 acountry parameter in a process action to affiliatesignup.php or 2 entrycountryid parameter in an edit action to admin/createaccount.php...
Fonality trixbox - index.php Remote Code Execution
Fonality trixbox - index.php Remote Code Execution source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...
Fonality trixbox - endpointcfg.php Directory Traversal
Fonality trixbox - endpointcfg.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...
Fonality trixbox - 'index.php' Remote Code Execution
source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal...