Vendor
Mole Group
Products
11
CVEs
12
Across products
13
Status
Private
Products
11- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
12| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-4675 | 0.03 | — | 0.02 | Mar 5, 2010 | admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via an unspecified form submission. | ||
| CVE-2009-4674 | 0.03 | — | 0.03 | Mar 5, 2010 | admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field. | ||
| CVE-2009-4673 | 0.03 | — | 0.01 | Mar 5, 2010 | SQL injection vulnerability in profile.php in Mole Group Adult Portal Script allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||
| CVE-2008-6484 | 0.03 | — | 0.00 | Mar 18, 2009 | SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote attackers to execute arbitrary SQL commands via the user field. | ||
| CVE-2008-6225 | 0.03 | — | 0.01 | Feb 20, 2009 | SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out such false informations. Such scripts or versions [do not] exist. | ||
| CVE-2008-5047 | 0.03 | — | 0.00 | Nov 13, 2008 | SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||
| CVE-2008-5046 | 0.03 | — | 0.00 | Nov 13, 2008 | SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter. | ||
| CVE-2008-3124 | 0.03 | — | 0.00 | Jul 10, 2008 | SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter. | ||
| CVE-2008-3125 | 0.03 | — | 0.01 | Jul 10, 2008 | SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||
| CVE-2008-3123 | 0.03 | — | 0.00 | Jul 10, 2008 | SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action. | ||
| CVE-2008-6818 | 0.00 | — | 0.00 | Jun 1, 2009 | Mole Group Real Estate Script 1.1 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2008-6817 | 0.00 | — | 0.00 | Jun 1, 2009 | Mole Group Lastminute Script 4.0 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |