Open Web Analytics@1.2.3 Security Vulnerabilities and Issues — Open Web Analytics@1.2.3 CVE List

Lucene search

OpenwebanalyticsOpen Web Analytics1.2.3

4 matches found

CVE•added 2014/01/15 4:8 p.m.•79 views

CVE-2014-1206

SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.

7.5CVSS8.4AI score0.03399EPSS

CVE•added 2010/07/08 10:30 p.m.•37 views

CVE-2010-2677

PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter. NOTE: some of these details are obtained from third par...

5.1CVSS7.8AI score0.03911EPSS

CVE•added 2010/07/08 10:30 p.m.•35 views

CVE-2010-2676

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the (1) owa_action and (2) owa_do parameters.

5CVSS7.1AI score0.04076EPSS

CVE•added 2014/03/01 12:1 a.m.•34 views

CVE-2014-1456

Cross-site scripting (XSS) vulnerability in the login page in Open Web Analytics (OWA) before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owa_user_id parameter to index.php.

4.3CVSS5.8AI score0.0032EPSS