Lucene search
K

121 matches found

NVD
NVD
added 2007/07/31 10:17 a.m.18 views

CVE-2007-4109

SQL injection vulnerability in signin.aspx in WebStore Online Store Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter...

7.5CVSS8.4AI score0.01177EPSS
Exploits1References6
Prion
Prion
added 2007/07/31 10:17 a.m.13 views

Sql injection

SQL injection vulnerability in signin.aspx in WebStore Online Store Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter...

7.5CVSS9.1AI score0.01177EPSS
Exploits1References6
Cvelist
Cvelist
added 2007/07/31 10:0 a.m.23 views

CVE-2007-4109

SQL injection vulnerability in signin.aspx in WebStore Online Store Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter...

8.4AI score0.01177EPSS
Exploits1References6
CVE
CVE
added 2007/07/31 10:0 a.m.50 views

CVE-2007-4109

The CVE-2007-4109 entry describes an SQL injection in sign_in.aspx of WebStore (Online Store Application Template), where an attacker can manipulate the Password parameter to execute arbitrary SQL. The connected NVD entry confirms a remote, unauthenticated SQL injection with network attack vector...

7.5CVSS8.4AI score0.01177EPSS
Exploits1References6Affected Software1
Packet Storm
Packet Storm
added 2007/07/31 12:0 a.m.23 views

webstore-sql.txt

A R I A - S E C U R I T Y WebStore - Online Store Application Template SQL INJECTION Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/28 12:0 a.m.42 views

WebStore - Online Store Application Template SQL INJECTION

A R I A - S E C U R I T Y WebStore - Online Store Application Template SQL INJECTION Vendor: http://www.codewidgets.com http://target.com/PATH/signin.aspx Username: admin Password: anything' OR 'x'='x Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2005/06/20 12:0 a.m.40 views

[EXPL] eXtropia WebStore Remote Command Execution (web_store.cgi)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

0.4AI score
Exploits0
CVE
CVE
added 2005/05/03 4:0 a.m.36 views

CVE-2005-1403

CVE-2005-1403 affects JustWilliam’s Amazon Webstore 04050100. It contains multiple cross-site scripting (XSS) flaws allowing remote injection of arbitrary script/HTML via (1) image parameter to closeup.php, (2) currentIsExpanded or (3) searchFor parameters to index.php, (4) currentNumber paramete...

6.8CVSS6AI score0.05731EPSS
Exploits1References10
Cvelist
Cvelist
added 2005/05/03 4:0 a.m.15 views

CVE-2005-1403

Multiple cross-site scripting XSS vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the 1 image parameter to closeup.php, the 2 currentIsExpanded or 3 searchFor parameters to index.php, 4 the currentNumber parameter to...

5.8AI score0.05731EPSS
Exploits1References10
NVD
NVD
added 2005/05/03 4:0 a.m.17 views

CVE-2005-1403

Multiple cross-site scripting XSS vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the 1 image parameter to closeup.php, the 2 currentIsExpanded or 3 searchFor parameters to index.php, 4 the currentNumber parameter to...

6.8CVSS5.8AI score0.05731EPSS
Exploits1References10
exploitpack
exploitpack
added 2005/04/28 12:0 a.m.12 views

Just Williams Amazon Webstore - CurrentIsExpanded Cross-Site Scripting

Just Williams Amazon Webstore - CurrentIsExpanded Cross-Site Scripting source: https://www.securityfocus.com/bid/13425/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2005/04/28 12:0 a.m.13 views

Just Williams Amazon Webstore - Closeup.php?Image Cross-Site Scripting

Just Williams Amazon Webstore - Closeup.php?Image Cross-Site Scripting source: https://www.securityfocus.com/bid/13419/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Exploits0
exploitpack
exploitpack
added 2005/04/28 12:0 a.m.15 views

Just Williams Amazon Webstore - searchFor Cross-Site Scripting

Just Williams Amazon Webstore - searchFor Cross-Site Scripting source: https://www.securityfocus.com/bid/13426/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2005/04/28 12:0 a.m.17 views

Just Williams Amazon Webstore - CurrentNumber Cross-Site Scripting

Just Williams Amazon Webstore - CurrentNumber Cross-Site Scripting source: https://www.securityfocus.com/bid/13427/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Exploits0
exploitpack
exploitpack
added 2005/04/28 12:0 a.m.15 views

Just Williams Amazon Webstore - HTTP Response Splitting

Just Williams Amazon Webstore - HTTP Response Splitting source: https://www.securityfocus.com/bid/13428/info Amazon Webstore is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may explo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/28 12:0 a.m.28 views

Just William's Amazon Webstore - 'searchFor' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13426/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/28 12:0 a.m.28 views

Just William's Amazon Webstore - 'CurrentIsExpanded' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13425/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/28 12:0 a.m.26 views

Just William's Amazon Webstore - 'CurrentNumber' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13427/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/28 12:0 a.m.26 views

Just William's Amazon Webstore - HTTP Response Splitting

source: https://www.securityfocus.com/bid/13428/info Amazon Webstore is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how W...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/28 12:0 a.m.25 views

Just William's Amazon Webstore - 'Closeup.php?Image' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13419/info Amazon Webstore is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

7AI score
Exploits0
Rows per page
Query Builder