Hulihanapplications
Products
3- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-4963 | 0.03 | — | 0.01 | Oct 9, 2011 | SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter. | |||
| CVE-2010-3024 | 0.03 | — | 0.01 | Aug 16, 2010 | Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in DiamondList 0.1.6, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site's… | |||
| CVE-2010-3023 | 0.03 | — | 0.03 | Aug 16, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in DiamondList 0.1.6, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) category[description] parameter to user/main/update_category, which is not properly handled by… | |||
| CVE-2010-5085 | 0.00 | — | 0.01 | Feb 14, 2012 | Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the… |
- CVE-2010-4963Oct 9, 2011risk 0.03cvss —epss 0.01
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.
- CVE-2010-3024Aug 16, 2010risk 0.03cvss —epss 0.01
Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in DiamondList 0.1.6, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site's…
- CVE-2010-3023Aug 16, 2010risk 0.03cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in DiamondList 0.1.6, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) category[description] parameter to user/main/update_category, which is not properly handled by…
- CVE-2010-5085Feb 14, 2012risk 0.00cvss —epss 0.01
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the…