Obie Website Mini Web Shop vulnerabilities
3 known vulnerabilities affecting obie_website/mini_web_shop.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2007-2532P4MEDIUMCVSS 4.3PoCv22007-05-09
CVE-2007-2532 [MEDIUM] CVE-2007-2532: Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop
Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) to (1) sendmail.php or (2) order_form.php, different vectors than CVE-2006-6734.
nvd
CVE-2006-6734P4MEDIUMCVSS 4.3PoCv2.1.c2006-12-26
CVE-2006-6734 [MEDIUM] CWE-79 CVE-2006-6734: Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Websi
Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname parameter.
nvd
CVE-2006-6735P4MEDIUMCVSS 5.0v2.1.c2006-12-26
CVE-2006-6735 [MEDIUM] CWE-200 CVE-2006-6735: modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attacke
modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this error might be resultant from a more serious issue such as d
nvd