Lucene search
K

4 matches found

Prion
Prion
added 2007/05/09 12:19 a.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO query string to 1 sendmail.php or 2 orderform.php, different vectors than CVE-2006-6734...

4.3CVSS5.9AI score0.03725EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2007/05/09 12:0 a.m.24 views

CVE-2007-2532

Multiple cross-site scripting XSS vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO query string to 1 sendmail.php or 2 orderform.php, different vectors than CVE-2006-6734...

5.6AI score0.03725EPSS
Exploits1References6
CVE
CVE
added 2007/05/09 12:0 a.m.40 views

CVE-2007-2532

CVE-2007-2532 concerns Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c. It describes multiple XSS vulnerabilities reachable via PATH_INFO to sendmail.php or order_form.php, and via the catname parameter in modules/viewcategory.php (a different vector than CVE-2006-6734). Root cause appears to ...

4.3CVSS5.7AI score0.03725EPSS
Exploits1References6Affected Software1
Exploit DB
Exploit DB
added 2007/05/02 12:0 a.m.24 views

ObieWebsite Mini Web Shop 2 - 'order_form.php?PATH_INFO' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23847/info Mini Web Shop is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch...

7.4AI score
Exploits0
Rows per page
Query Builder