Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osclass osclass vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-6308
Directory traversal vulnerability in OSClass prior to 3.4.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.
Osclass Osclass
Osclass Osclass 3.4.0
1 EDB exploit
4.3
CVSSv2
CVE-2014-6280
Multiple cross-site scripting (XSS) vulnerabilities in OSClass prior to 3.4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) action or (2) nsextt parameter to oc-admin/index.php or the (3) nsextt parameter in an items_reported action to oc-admin/i...
Osclass Osclass
Osclass Osclass 3.4.0
6.4
CVSSv2
CVE-2012-1617
Directory traversal vulnerability in combine.php in OSClass prior to 2.3.6 allows remote malicious users to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files.
Juan Ramon Osclass 2.1.1
Juan Ramon Osclass 2.1
Juan Ramon Osclass 2.2.1
Juan Ramon Osclass 1.2
Juan Ramon Osclass
Juan Ramon Osclass 2.2
Juan Ramon Osclass 2.3.3
Juan Ramon Osclass 2.0
Juan Ramon Osclass 2.2.3
Juan Ramon Osclass 2.2.2
Juan Ramon Osclass 2.3.2
Juan Ramon Osclass 2.3.4
Juan Ramon Osclass 2.0.2
Juan Ramon Osclass 2.0.3
Juan Ramon Osclass 2.3.1
Juan Ramon Osclass 2.3
Juan Ramon Osclass 1.1
Juan Ramon Osclass 2.0.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-0974
Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass prior to 2.3.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin para...
Juan Ramon Osclass 2.0.1
Juan Ramon Osclass 2.0
Juan Ramon Osclass 1.2
Juan Ramon Osclass 2.3
Juan Ramon Osclass 2.2.3
Juan Ramon Osclass 2.2.2
Juan Ramon Osclass 2.2.1
Juan Ramon Osclass 2.2
Juan Ramon Osclass 2.3.3
Juan Ramon Osclass 2.3.1
Juan Ramon Osclass 2.1
Juan Ramon Osclass 2.0.2
Juan Ramon Osclass 1.1
Juan Ramon Osclass
Juan Ramon Osclass 2.3.2
Juan Ramon Osclass 2.1.1
Juan Ramon Osclass 2.0.3
1 EDB exploit
6.5
CVSSv2
CVE-2012-5162
Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass prior to 2.3.5 allow remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php.
Osclass Osclass
4.3
CVSSv2
CVE-2012-5163
Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in OSClass prior to 2.3.5 allows remote malicious users to inject arbitrary web script or HTML via the id parameter in an enable_category action to index.php.
Osclass Osclass
7.5
CVSSv2
CVE-2012-0973
Multiple SQL injection vulnerabilities in OSClass prior to 2.3.5 allow remote malicious users to execute arbitrary SQL commands via the sCategory parameter to index.php, which is not properly handled by the (1) osc_search_category_id function in oc-includes/osclass/helpers/hSearc...
Osclass Osclass
1 EDB exploit
6.8
CVSSv2
CVE-2014-8085
Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct r...
Osclass Osclass
7.5
CVSSv2
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
7.5
CVSSv2
CVE-2014-8083
SQL injection vulnerability in the Search::setJsonAlert method in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.
Osclass Osclass
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »