Lucene search
K

74 matches found

CVE
CVE
added 2015/05/20 6:0 p.m.61 views

CVE-2012-1664

osCMax 2.5.1 fixes CVE-2012-1664 (and related CVE-2012-1665) XSS and SQLi vulnerabilities in the admin panel. The advisory describes multiple reflected XSS vectors in admin/login.php, admin/new_attributes_include.php, admin/htaccess.php, admin/information_form.php, admin/xsell.php, and several st...

4.3CVSS5.7AI score0.02861EPSS
Exploits2References14Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

osCMax 2.0 (fckeditor) Remote File Upload

No description provided by source. Title: osCMax 2.0 fckeditor Remote File Upload Vendor: http://www.oscdox.com Dork: Powered by osCMax v2.0 , Copyright @ RahnemaCo.com AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisor...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/03/20 12:0 a.m.14 views

osCmax跨站请求伪造漏洞

Bugtraq ID:66272 osCmax是一款免费的PHP开源商城。 osCmax存在跨站请求伪造漏洞,允许远程攻击者构建恶意URI,诱使用户解析,可以目标用户上下文执行恶意操作,如添加管理员账户。 0 osCmax 2.5.X 目前没有详细解决方案提供: http://www.oscmax.com/ html form method="post" name="newmember" action="http://127.0.0.1/catalog/admin/adminmembers.php?action=membernewpage=1mID=1" input...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/03/17 12:0 a.m.17 views

osCMax 2.5 - Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/66272/info osCmax is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2014/03/17 12:0 a.m.13 views

osCMax 2.5 - Cross-Site Request Forgery

osCMax 2.5 - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/66272/info osCmax is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2014/03/17 12:0 a.m.24 views

osCmax 2.5.x Cross Site Request Forgery

Author: TUNISIAN CYBER + Exploit Title: osCmax 2.5.X Cross-Site Request Forgery Add Admin Vulnerability + Date: 15-03-2014 + Category: WebApp + Version: 2.5.X + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-302 + Vendor: http://www.oscmax.com/ + Friendly Sites: na3il.com,th3-creative.com +...

0.8AI score
Exploits0
0day.today
0day.today
added 2014/03/17 12:0 a.m.19 views

osCmax 2.5.X Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: osCmax 2.5.X Cross-Site Request Forgery Add Admin Vulnerability + Date: 15-03-2014 + Category: WebApp + Version: 2.5.X + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-302 + Vendor: http://www.oscmax.co...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/12/09 12:0 a.m.96 views

osCmax e-Commerce 2.5.3 Cross Site Scripting / Shell Upload

Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Title : osCmax...

4.1CVSS0.1AI score0.00959EPSS
Exploits11
Exploit DB
Exploit DB
added 2013/12/09 12:0 a.m.20 views

osCMax - Arbitrary File Upload / Full Path Information Disclosure

source: https://www.securityfocus.com/bid/64307/info osCMax is prone to an arbitrary file-upload vulnerability and an information-disclosure vulnerability . Attackers can exploit these issues to obtain sensitive information and upload arbitrary files. This may aid in other attacks. osCMax 2.5.3 i...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/12/09 12:0 a.m.9 views

osCMax - Arbitrary File Upload Full Path Information Disclosure

osCMax - Arbitrary File Upload Full Path Information Disclosure source: https://www.securityfocus.com/bid/64307/info osCMax is prone to an arbitrary file-upload vulnerability and an information-disclosure vulnerability . Attackers can exploit these issues to obtain sensitive information and uploa...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.70 views

osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities

Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...

Exploits0
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.93 views

Multiple vulnerabilities in osCmax

Advisory ID: HTB23081 Product: osCmax Vendor: osCMax.com Vulnerable Versions: 2.5.0 and probably prior Tested Version: 2.5.0 Vendor Notification: 14 March 2012 Vendor Patch: 30 March 2012 Public Disclosure: 4 April 2012 Vulnerability Type: Cross-Site Scripting XSS, SQL Injection CVE References:...

7.5CVSS7.5AI score0.02861EPSS
Exploits3
Packet Storm
Packet Storm
added 2012/04/09 12:0 a.m.49 views

osCmax Shop CMS 2.5.1 Cross Site Scripting

Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...

0.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/04/07 12:0 a.m.62 views

osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities

Document Title: =============== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=497 Release Date: ============= 2012-04-07 Vulnerability Laboratory ID VL-ID: ==================================== 497...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/04/07 12:0 a.m.20 views

osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities

Document Title: =============== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=497 Release Date: ============= 2012-04-07 Vulnerability Laboratory ID VL-ID: ==================================== 497...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2012/04/04 12:0 a.m.19 views

osCMax 2.5 - adminstats_products_purchased.php Multiple Cross-Site Scripting Vulnerabilities

osCMax 2.5 - adminstatsproductspurchased.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2012/04/04 12:0 a.m.18 views

osCMax 2.5 - adminhtaccess.php Multiple Cross-Site Scripting Vulnerabilities

osCMax 2.5 - adminhtaccess.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied...

Exploits0
exploitpack
exploitpack
added 2012/04/04 12:0 a.m.16 views

osCMax 2.5 - adminstats_monthly_sales.php?status Cross-Site Scripting

osCMax 2.5 - adminstatsmonthlysales.php?status Cross-Site Scripting source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...

Exploits0
exploitpack
exploitpack
added 2012/04/04 12:0 a.m.16 views

osCMax 2.5 - adminstats_monthly_sales.php?status SQL Injection

osCMax 2.5 - adminstatsmonthlysales.php?status SQL Injection source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...

Exploits0
exploitpack
exploitpack
added 2012/04/04 12:0 a.m.17 views

osCMax 2.5 - adminlogin.php?Username Cross-Site Scripting

osCMax 2.5 - adminlogin.php?Username Cross-Site Scripting source: https://www.securityfocus.com/bid/52886/info osCMax is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting thes...

6.8AI score
Exploits0
Rows per page
Query Builder