Vulnerabilities > Obie Website
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-09 | CVE-2007-2532 | Cross-Site Scripting vulnerability in Obie Website Mini web Shop 2 Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) to (1) sendmail.php or (2) order_form.php, different vectors than CVE-2006-6734. network obie-website | 4.3 |
2006-12-26 | CVE-2006-6735 | Information Exposure vulnerability in Obie Website Mini web Shop 2.1.C modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. | 5.0 |
2006-12-26 | CVE-2006-6734 | Cross-Site Scripting vulnerability in Obie Website Mini web Shop 2.1.C Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname parameter. | 4.3 |