Orbitcoders Orbitmatrix : Security vulnerabilities, CVEs

Copy

CVE-2006-3614

index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to trigger a SQL error via the page_name parameter, possibly due to a SQL injection vulnerability.

Max CVSS

7.5

EPSS Score

0.65%

Published

2006-07-18

Updated

2018-10-18

CVE-2006-3610

index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (partial database schema) via a modified page_name parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this issue is not an exposure.

Max CVSS

5.0

EPSS Score

0.43%

Published

2006-07-18

Updated

2018-10-18

CVE-2006-3609

Cross-site scripting (XSS) vulnerability in index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to inject arbitrary web script or HTML via the page_name parameter with an IMG tag containing a javascript URI in the SRC attribute.

Max CVSS

4.3

EPSS Score

0.68%

Published

2006-07-18

Updated

2018-10-18

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!