Lucene search
+L

64 matches found

Packet Storm
Packet Storm
added 2010/05/25 12:0 a.m.26 views

Webasyst Shop-Script Blind SQL Injection

".$res; if!pregmatch"/Subquery returns/", $result $res .= chr$j; break; echo $out; ifsubstrst...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2010/04/19 12:0 a.m.45 views

VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities

VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities http://www.vupen.com/english/research-web.php I. BACKGROUND --------------------- "WebAsyst Shop-Script FREE - simple and free PHP shopping cart script. It provides basic shopping cart functionality and...

0.1AI score
Exploits0
NVD
NVD
added 2010/04/16 7:30 p.m.17 views

CVE-2010-1464

Multiple cross-site scripting XSS vulnerabilities in WebAsyst Shop-Script FREE allow remote attackers to inject arbitrary web script or HTML via the 1 currencyidleft, 2 currencyidright, 3 darkcolor, 4 lightcolor, 5 middlecolor, and 6 w parameters...

4.3CVSS5.8AI score0.01022EPSS
Exploits0References3
NVD
NVD
added 2010/04/16 7:30 p.m.19 views

CVE-2010-1462

Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...

10CVSS6.5AI score0.02273EPSS
Exploits0References3
Prion
Prion
added 2010/04/16 7:30 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WebAsyst Shop-Script FREE allow remote attackers to inject arbitrary web script or HTML via the 1 currencyidleft, 2 currencyidright, 3 darkcolor, 4 lightcolor, 5 middlecolor, and 6 w parameters...

4.3CVSS6.1AI score0.01022EPSS
Exploits0References3
NVD
NVD
added 2010/04/16 7:30 p.m.13 views

CVE-2010-1463

Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the 1 add2cart, 2 cid, 3 categoryID, 4 listprice, 5 name, 6 newoffer, 7 price, 8 productcode, 9 productID, 10 rating, and 11 saveproduct parameters...

7.5CVSS8.4AI score0.01246EPSS
Exploits0References3
Prion
Prion
added 2010/04/16 7:30 p.m.20 views

Directory traversal

Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...

10CVSS7.1AI score0.02273EPSS
Exploits0References3
Prion
Prion
added 2010/04/16 7:30 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the 1 add2cart, 2 cid, 3 categoryID, 4 listprice, 5 name, 6 newoffer, 7 price, 8 productcode, 9 productID, 10 rating, and 11 saveproduct parameters...

7.5CVSS9.1AI score0.01246EPSS
Exploits0References3
CVE
CVE
added 2010/04/16 7:0 p.m.48 views

CVE-2010-1464

The CVE-2010-1464 entry describes multiple reflected XSS vulnerabilities in WebAsyst Shop-Script FREE, exploitable via the parameters currency_id_left, currency_id_right, darkcolor, lightcolor, middlecolor, and w. The underlying issue is an XSS input handling weakness that permits remote attacker...

4.3CVSS5.9AI score0.01022EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/04/16 7:0 p.m.52 views

CVE-2010-1462

CVE-2010-1462 affects WebAsyst Shop-Script FREE and is a directory traversal vulnerability exploitable through the sub parameter. The known impact is described as unknown in the CVE entry; the NVD entry lists a base score of 10.0 (HIGH) with network attack vector and complete impact on confidenti...

10CVSS6.7AI score0.02273EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/04/16 7:0 p.m.45 views

CVE-2010-1463

CVE-2010-1463 concerns multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE. According to the NVD entry, an attacker can execute arbitrary SQL commands through a set of parameters: add2cart, c_id, categoryID, list_price, name, new_offer, price, product_code, productID, rating, and ...

7.5CVSS8.7AI score0.01246EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/04/16 7:0 p.m.16 views

CVE-2010-1463

Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the 1 add2cart, 2 cid, 3 categoryID, 4 listprice, 5 name, 6 newoffer, 7 price, 8 productcode, 9 productID, 10 rating, and 11 saveproduct parameters...

8.4AI score0.01246EPSS
Exploits0References3
Cvelist
Cvelist
added 2010/04/16 7:0 p.m.26 views

CVE-2010-1462

Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...

6.5AI score0.02273EPSS
Exploits0References3
Cvelist
Cvelist
added 2010/04/16 7:0 p.m.17 views

CVE-2010-1464

Multiple cross-site scripting XSS vulnerabilities in WebAsyst Shop-Script FREE allow remote attackers to inject arbitrary web script or HTML via the 1 currencyidleft, 2 currencyidright, 3 darkcolor, 4 lightcolor, 5 middlecolor, and 6 w parameters...

5.8AI score0.01022EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2009/07/27 12:0 a.m.22 views

WebAsyst Shop-Script PREMIUM - 'SearchString' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43380/info Shop-Script PREMIUM is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/07/09 12:0 a.m.20 views

WebAsyst Shop-Script (bSQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== WebAsyst Shop-Script bSQL/XSS Multiple Remote Vulnerabilities ===============================================================...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/07/09 12:0 a.m.24 views

webasyst shop-script - Blind SQL Injection Cross-Site Scripting

webasyst shop-script - Blind SQL Injection Cross-Site Scripting ============================================================================================= Title : Blind SQL/XSS Multiple Remote Vulnerabilities Software : WebAsyst Shop-Script Vendor : http://www.webasyst.net Date : 03 July 2009...

8.1AI score
Exploits0
seebug.org
seebug.org
added 2009/07/09 12:0 a.m.21 views

WebAsyst Shop-Script (bSQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. ============================================================================================= Title : Blind SQL/XSS Multiple Remote Vulnerabilities Software : WebAsyst Shop-Script Vendor : http://www.webasyst.net Date : 03 July 2009 Indonesia Author : Vrs-hCk...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/07/09 12:0 a.m.39 views

webasyst shop-script - Blind SQL Injection / Cross-Site Scripting

============================================================================================= Title : Blind SQL/XSS Multiple Remote Vulnerabilities Software : WebAsyst Shop-Script Vendor : http://www.webasyst.net Date : 03 July 2009 Indonesia Author : Vrs-hCk Contact : [email protected] Blog :...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/07/09 12:0 a.m.12 views

WebAsyst Shop-Script - index.php Cross-Site Scripting

WebAsyst Shop-Script - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/43661/info WebAsyst Shop-Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

6.8AI score
Exploits0
Rows per page
Query Builder