CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site request forgery CSRF vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings...

6.8CVSS7.5AI score0.00462EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:43 a.m.•4 views

CVE-2012-5899

Cross-site scripting XSS vulnerability in admin/action/objects.php in SAMEDIA LandShop 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the OTRHEADS parameter in an edit action. NOTE: some of these details are obtained from third party information...

4.3CVSS5.9AI score0.06607EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:43 a.m.•6 views

CVE-2012-5900

Multiple SQL injection vulnerabilities in SAMEDIA LandShop 0.9.2 allow remote attackers to execute arbitrary SQL commands via the 1 OBID parameter in a single action to admin/action/objects.php, 2 AREAID parameter in a single action to admin/action/areas.php, or 3 start parameter in a show action...

7.5CVSS8.9AI score0.02489EPSS

Exploits1References1

seebug.org•added 2014/07/01 12:0 a.m.•13 views

SAMEDIA LandShop 0.6.3 ls.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15709/info Landshop is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitatio...

7.1AI score

Exploits0

NVD•added 2012/11/17 9:55 p.m.•10 views

CVE-2012-5899

4.3CVSS5.7AI score0.06607EPSS

Exploits1References5

NVD•added 2012/11/17 9:55 p.m.•9 views

CVE-2012-5898

Cross-site request forgery CSRF vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings...

6.8CVSS7.1AI score0.00462EPSS

Exploits1References5

NVD•added 2012/11/17 9:55 p.m.•11 views

CVE-2012-5900

7.5CVSS8.5AI score0.02489EPSS

Exploits1References7

Prion•added 2012/11/17 9:55 p.m.•10 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings...

6.8CVSS7.6AI score0.00462EPSS

Exploits1References5Affected Software1

Prion•added 2012/11/17 9:55 p.m.•11 views

Cross site scripting

4.3CVSS6.2AI score0.06607EPSS

Exploits1References5Affected Software1

Prion•added 2012/11/17 9:55 p.m.•11 views

Sql injection

7.5CVSS9.2AI score0.02489EPSS

Exploits1References7Affected Software1

Cvelist•added 2012/11/17 9:0 p.m.•13 views

CVE-2012-5900

8.5AI score0.02489EPSS

Exploits1References7

Cvelist•added 2012/11/17 9:0 p.m.•12 views

CVE-2012-5898

Cross-site request forgery CSRF vulnerability in SAMEDIA LandShop 0.9.2 allows remote attackers to hijack the authentication of administrators for requests that change account settings...

7.1AI score0.00462EPSS

Exploits1References5

Cvelist•added 2012/11/17 9:0 p.m.•19 views

CVE-2012-5899

5.7AI score0.06607EPSS

Exploits1References5

CVE•added 2012/11/17 9:0 p.m.•48 views

CVE-2012-5898

The CVE-2012-5898 entry describes a CSRF vulnerability in SAMEDIA LandShop 0.9.2 that can allow an attacker to hijack an administrator’s session to issue requests that change account settings. The connected documents confirm the affected product/version and the nature of the vulnerability but do ...

6.8CVSS7.3AI score0.00462EPSS

Exploits1References5Affected Software1

CVE•added 2012/11/17 9:0 p.m.•36 views

CVE-2012-5899

SAMEDIA LandShop 0.9.2 contains a Cross‑site Scripting (XSS) vulnerability in the admin/action/objects.php script. The issue arises from processing the OTR_HEADS[] parameter during an edit action, allowing remote attackers to inject arbitrary web script or HTML. Documents in the connected set con...

4.3CVSS5.9AI score0.06607EPSS

Exploits1References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by