Omnistar Interactive
Products
4- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5724 | 0.03 | — | 0.02 | Oct 30, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php. | |||
| CVE-2007-4952 | 0.03 | — | 0.01 | Sep 18, 2007 | SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917. | |||
| CVE-2008-1850 | 0.00 | — | 0.01 | Apr 16, 2008 | Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3) profile2, and (4) ref parameters. | |||
| CVE-2006-5917 | 0.00 | — | 0.01 | Nov 15, 2006 | Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php. | |||
| CVE-2005-3880 | 0.00 | — | 0.01 | Nov 29, 2005 | Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php. | |||
| CVE-2005-3840 | 0.00 | — | 0.01 | Nov 26, 2005 | SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the… |
- CVE-2007-5724Oct 30, 2007risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php.
- CVE-2007-4952Sep 18, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917.
- CVE-2008-1850Apr 16, 2008risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3) profile2, and (4) ref parameters.
- CVE-2006-5917Nov 15, 2006risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php.
- CVE-2005-3880Nov 29, 2005risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php.
- CVE-2005-3840Nov 26, 2005risk 0.00cvss —epss 0.01
SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the…