Lucene search
K

92 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Piwik Open Flash Chart Remote Code Execution Vulnerability

No description provided by source. Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 0.4.3 Piwik Piwik 0.4.2 Piwik Piwik 0.4.1 Piwik Piwik 0.4 Piwik Piwik 0.2.37 Piw...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/27 12:0 a.m.26 views

Open Web Analytics < 1.5.6 Multiple Vulnerabilities

According to its banner, the version of Open Web Analytics installed on the remote host is prior to version 1.5.6. It is, therefore, affected by the following vulnerabilities : - A cross-site scripting flaw exists with the login page where input to the 'owauserid' parameter is not properly...

8.8CVSS8.1AI score0.01807EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2014/05/27 12:0 a.m.49 views

Open Web Analytics owa_email_address SQL Injection

The version of Open Web Analytics hosted on the remote web server fails to sanitize input to the 'owaemailaddress' parameter of the 'index.php' script before using it in a database query. An unauthenticated remote attacker can leverage this issue to manipulate database queries, resulting in the...

7.5CVSS5.7AI score0.02495EPSS
Exploits7References4
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.137 views

[SWRX-2014-001] Open Web Analytics Pre-Auth SQL Injection

Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2014-001/ Date published:...

7.5CVSS0.3AI score0.02495EPSS
Exploits7
seebug.org
seebug.org
added 2014/03/11 12:0 a.m.32 views

Open Web Analytics 'owa_event'参数PHP对象注入漏洞

Bugtraq ID:66076 CVE ID:CVE-2014-2294 Open Web Analytics是一款基于PHP+MySQL开发的、开源的网络分析软件,可以用来追踪和分析人们是怎样访问你的网站和应用程序的。 Open Web Analytics queue.php不正确过滤通过"owaevent" POST参数提交给"unserialize"的输入,允许远程攻击者利用漏洞通过特制的序列化对象操作部分受限配置选项或创建或覆盖任意文件。 0 Open Web Analytics 1.5.6 厂商补丁: Open Web Analytics ----- Open Web...

0.2AI score0.02808EPSS
Exploits2
OpenVAS
OpenVAS
added 2014/03/05 12:0 a.m.21 views

Open Web Analytics < 1.5.6 Reflected XSS Vulnerability - Active Check

Open Web Analytics is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS6AI score0.01807EPSS
Exploits0References4
NVD
NVD
added 2014/03/01 12:1 a.m.18 views

CVE-2014-1456

Cross-site scripting XSS vulnerability in the login page in Open Web Analytics OWA before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owauserid parameter to index.php...

4.3CVSS7.2AI score0.01807EPSS
Exploits0References5
Prion
Prion
added 2014/03/01 12:1 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the login page in Open Web Analytics OWA before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owauserid parameter to index.php...

4.3CVSS6.1AI score0.01807EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/02/28 5:0 p.m.20 views

CVE-2014-1456

Cross-site scripting XSS vulnerability in the login page in Open Web Analytics OWA before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owauserid parameter to index.php...

7.2AI score0.01807EPSS
Exploits0References5
CVE
CVE
added 2014/02/28 5:0 p.m.47 views

CVE-2014-1456

Open Web Analytics (OWA) prior to version 1.5.6 is affected by CVE-2014-1456, a cross-site scripting (XSS) vulnerability in the login page. The issue allows injection of arbitrary script or HTML via the owa_user_id parameter to index.php, with impact described as partial integrity impact and no c...

4.3CVSS5.8AI score0.01807EPSS
Exploits0References5Affected Software1
Exploit DB
Exploit DB
added 2014/02/18 12:0 a.m.60 views

Open Web Analytics 1.5.4 - &#039;owa_email_address&#039; SQL Injection

""" Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2014-001/ Date...

7.5CVSS7AI score0.02495EPSS
Exploits7
0day.today
0day.today
added 2014/02/18 12:0 a.m.79 views

Open Web Analytics 1.5.4 Pre-Auth SQL Injection Vulnerability

Open Web Analytics OWA is open source web analytics software that can track and analyze how visitors use websites and applications. OWA is vulnerable to SQL injection that allows an attacker to execute arbitrary SQL statements in the context of the configured OWA database user without...

7.5CVSS0.4AI score0.02495EPSS
Exploits7
exploitpack
exploitpack
added 2014/02/18 12:0 a.m.70 views

Open Web Analytics 1.5.4 - owa_email_address SQL Injection

Open Web Analytics 1.5.4 - owaemailaddress SQL Injection """ Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL:...

7.5CVSS0.1AI score0.02495EPSS
Exploits7
Packet Storm
Packet Storm
added 2014/02/17 12:0 a.m.63 views

Open Web Analytics Pre-Auth SQL Injection

Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2014-001/ Date published:...

7.5CVSS0.1AI score0.02495EPSS
Exploits7
OpenVAS
OpenVAS
added 2014/01/21 12:0 a.m.14 views

Open Web Analytics (OWA) Detection (HTTP)

HTTP based detection of Open Web Analytics OWA. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2014/01/21 12:0 a.m.47 views

Open Web Analytics < 1.5.5 SQLi Vulnerability - Active Check

Open Web Analytics is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.3AI score0.02495EPSS
Exploits7References3
NVD
NVD
added 2014/01/15 4:8 p.m.18 views

CVE-2014-1206

SQL injection vulnerability in the password reset page in Open Web Analytics OWA before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owaemailaddress parameter in a base.passwordResetRequest action to index.php...

7.5CVSS8.3AI score0.02495EPSS
Exploits7References6
Prion
Prion
added 2014/01/15 4:8 p.m.9 views

Sql injection

SQL injection vulnerability in the password reset page in Open Web Analytics OWA before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owaemailaddress parameter in a base.passwordResetRequest action to index.php...

7.5CVSS9AI score0.02495EPSS
Exploits7References6Affected Software1
Cvelist
Cvelist
added 2014/01/15 4:0 p.m.27 views

CVE-2014-1206

SQL injection vulnerability in the password reset page in Open Web Analytics OWA before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owaemailaddress parameter in a base.passwordResetRequest action to index.php...

8.2AI score0.02495EPSS
Exploits7References6
CVE
CVE
added 2014/01/15 4:0 p.m.94 views

CVE-2014-1206

Open Web Analytics (OWA)

7.5CVSS8.4AI score0.02495EPSS
Exploits7References6Affected Software1
Rows per page
Query Builder