Vulnerabilities > Orbitcoders
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-18 | CVE-2006-3614 | SQL-Injection vulnerability in Orbitcoders Orbitmatrix 1.0 index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to trigger a SQL error via the page_name parameter, possibly due to a SQL injection vulnerability. | 7.5 |
2006-07-18 | CVE-2006-3610 | Information Disclosure vulnerability in Orbitcoders Orbitmatrix 1.0 index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (partial database schema) via a modified page_name parameter, which reflects portions of an SQL query in the result. | 5.0 |
2006-07-18 | CVE-2006-3609 | Cross-Site Scripting vulnerability in Orbitcoders Orbitmatrix 1.0 Cross-site scripting (XSS) vulnerability in index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to inject arbitrary web script or HTML via the page_name parameter with an IMG tag containing a javascript URI in the SRC attribute. network orbitcoders | 4.3 |