Lucene search

Orion Security Vulnerabilities

cve

CVE-2009-4493

Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.

7.8AI Score

0.003EPSS

2010-01-13 08:30 PM

cve

CVE-2022-46856

Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce Products Designer plugin <= 4.3.3 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-05-25 12:15 PM