Onlinetechtools.com : Security Vulnerabilities, CVEs,

CVE-2010-4186

SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.07%
Published
2010-11-05
Updated
2017-08-17

CVE-2009-4859

Multiple cross-site scripting (XSS) vulnerabilities in Online Work Order Suite (OWOS) Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) default.asp and (2) report.asp, and the (3) go parameter to login.asp.
Max CVSS
4.3
EPSS Score
0.18%
Published
2010-05-11
Updated
2010-05-11

CVE-2005-3852

SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
Max CVSS
7.5
EPSS Score
0.33%
Published
2005-11-27
Updated
2013-07-03

CVE-2005-3851

Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter.
Max CVSS
4.3
EPSS Score
0.48%
Published
2005-11-27
Updated
2011-03-08

CVE-2005-3850

Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the q parameter.
Max CVSS
4.3
EPSS Score
0.48%
Published
2005-11-27
Updated
2011-03-08
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close