Mole Group
Products
13- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
13| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4675 | 0.03 | — | 0.03 | Mar 5, 2010 | admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via an unspecified form submission. | |||
| CVE-2009-4674 | 0.03 | — | 0.02 | Mar 5, 2010 | admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field. | |||
| CVE-2009-4673 | 0.03 | — | 0.01 | Mar 5, 2010 | SQL injection vulnerability in profile.php in Mole Group Adult Portal Script allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||
| CVE-2008-6484 | 0.03 | — | 0.01 | Mar 18, 2009 | SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote attackers to execute arbitrary SQL commands via the user field. | |||
| CVE-2008-6225 | 0.03 | — | 0.01 | Feb 20, 2009 | SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out… | |||
| CVE-2008-5047 | 0.03 | — | 0.01 | Nov 13, 2008 | SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||
| CVE-2008-5046 | 0.03 | — | 0.01 | Nov 13, 2008 | SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter. | |||
| CVE-2008-3123 | 0.03 | — | 0.01 | Jul 10, 2008 | SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action. | |||
| CVE-2008-3125 | 0.03 | — | 0.01 | Jul 10, 2008 | SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||
| CVE-2008-3124 | 0.03 | — | 0.01 | Jul 10, 2008 | SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter. | |||
| CVE-2008-6818 | 0.00 | — | 0.01 | Jun 1, 2009 | Mole Group Real Estate Script 1.1 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||
| CVE-2008-6817 | 0.00 | — | 0.01 | Jun 1, 2009 | Mole Group Lastminute Script 4.0 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||
| CVE-2006-3049 | 0.00 | — | 0.01 | Jun 16, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in booking3.php in Mole Group Ticket Booking Script allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) address1, (3) address2, (4) county, (5) postcode, (6) email, (7) phone, or (8) mobile… |
- CVE-2009-4675Mar 5, 2010risk 0.03cvss —epss 0.03
admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote attackers to change the admin password via an unspecified form submission.
- CVE-2009-4674Mar 5, 2010risk 0.03cvss —epss 0.02
admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
- CVE-2009-4673Mar 5, 2010risk 0.03cvss —epss 0.01
SQL injection vulnerability in profile.php in Mole Group Adult Portal Script allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
- CVE-2008-6484Mar 18, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote attackers to execute arbitrary SQL commands via the user field.
- CVE-2008-6225Feb 20, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in info.php in Mole Group Airline Ticket Sale Script allows remote attackers to execute arbitrary SQL commands via the flight parameter. NOTE: the vendor has disputed this issue, stating "crazy hackers and so named Security companies [spread] out…
- CVE-2008-5047Nov 13, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter.
- CVE-2008-5046Nov 13, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter.
- CVE-2008-3123Jul 10, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
- CVE-2008-3125Jul 10, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
- CVE-2008-3124Jul 10, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter.
- CVE-2008-6818Jun 1, 2009risk 0.00cvss —epss 0.01
Mole Group Real Estate Script 1.1 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2008-6817Jun 1, 2009risk 0.00cvss —epss 0.01
Mole Group Lastminute Script 4.0 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2006-3049Jun 16, 2006risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in booking3.php in Mole Group Ticket Booking Script allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) address1, (3) address2, (4) county, (5) postcode, (6) email, (7) phone, or (8) mobile…