Vulnerabilities > Orion

DATE CVE VULNERABILITY TITLE RISK
2023-05-25 CVE-2022-46856 Cross-Site Request Forgery (CSRF) vulnerability in Orion Woocommerce products Designer
Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce Products Designer plugin <= 4.3.3 versions.
network
low complexity
orion CWE-352
8.8
2010-01-13 CVE-2009-4493 Improper Input Validation vulnerability in Orion Application Server 2.0.7
Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
network
low complexity
orion CWE-20
5.0