Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2015-2209

Vulnerability from fkie_nvd - Published: 2015-03-04 20:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php.

References

	URL	Tags
	cve@mitre.org	http://seclists.org/fulldisclosure/2015/Feb/67
	cve@mitre.org	http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/
	cve@mitre.org	http://www.securityfocus.com/bid/72685
	af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2015/Feb/67
	af854a3a-2127-422b-91ae-364da2661108	http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/72685

Impacted products

	Vendor	Product	Version
	dlguard	dlguard	4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:dlguard:dlguard:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DA1AF44-C7C9-4230-862F-38DE2894DACA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php."
    },
    {
      "lang": "es",
      "value": "DLGuard 4.5 permite a atacantes remotos obtener la ruta de instalaci\u00f3n a trav\u00e9s del par\u00e1metro c en index.php."
    }
  ],
  "id": "CVE-2015-2209",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-03-04T20:59:00.047",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/72685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/72685"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2015-2066

Vulnerability from fkie_nvd - Published: 2015-02-24 17:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php.

References

	URL	Tags
	cve@mitre.org	http://seclists.org/fulldisclosure/2015/Feb/69
	cve@mitre.org	http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html
	cve@mitre.org	http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/
	cve@mitre.org	http://www.securityfocus.com/bid/72683
	af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2015/Feb/69
	af854a3a-2127-422b-91ae-364da2661108	http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html
	af854a3a-2127-422b-91ae-364da2661108	http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/72683

Impacted products

	Vendor	Product	Version
	dlguard	dlguard	4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:dlguard:dlguard:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DA1AF44-C7C9-4230-862F-38DE2894DACA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n SQL en DLGuard 4.5 permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro c en index.php."
    }
  ],
  "id": "CVE-2015-2066",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-02-24T17:59:02.800",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/72683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/72683"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2015-2064

Vulnerability from fkie_nvd - Published: 2015-02-24 17:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page.

References

	URL	Tags
	cve@mitre.org	http://seclists.org/fulldisclosure/2015/Feb/66
	cve@mitre.org	http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html
	cve@mitre.org	http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/
	cve@mitre.org	http://www.securityfocus.com/bid/72684
	af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2015/Feb/66
	af854a3a-2127-422b-91ae-364da2661108	http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html
	af854a3a-2127-422b-91ae-364da2661108	http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/72684

Impacted products

Vendor	Product	Version
dlguard	dlguard	4.5
dlguard	dlguard	4.6
dlguard	dlguard	5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:dlguard:dlguard:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DA1AF44-C7C9-4230-862F-38DE2894DACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dlguard:dlguard:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F15209E-AF24-492C-B702-FA829E5A6D6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dlguard:dlguard:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55532768-0149-4C68-984C-1D4B982EB260",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de XSS en DLGuard 5, 4.6, y 4.5 permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s del par\u00e1metro (1) page, (2) c, o (3) redirect en index.php o (4) el campo de b\u00fasqueda (el par\u00e1metro searchTerm) en la p\u00e1gina principal."
    }
  ],
  "id": "CVE-2015-2064",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-02-24T17:59:00.050",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/72684"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/72684"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2011-5115

Vulnerability from fkie_nvd - Published: 2012-08-23 20:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt	Exploit
cve@mitre.org	http://secunia.com/advisories/46855	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46855	Vendor Advisory

Impacted products

	Vendor	Product	Version
	dlguard	dlguard	*
	dlguard	dlguard	4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:dlguard:dlguard:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E6775AF-DF5E-421F-A513-30303F44D1C7",
              "versionEndIncluding": "4.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:dlguard:dlguard:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DA1AF44-C7C9-4230-862F-38DE2894DACA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en DLGuard, posiblemente v4.6 y anteriores, permite a atacantes remotos inyectar c\u00f3digo web o HTML arbitrario a trav\u00e9s del par\u00e1metro searchCart en index.php."
    }
  ],
  "id": "CVE-2011-5115",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-08-23T20:55:03.687",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46855"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2015-2209 (GCVE-0-2015-2209)

Vulnerability from cvelistv5 – Published: 2015-03-04 20:00 – Updated: 2024-08-06 05:10

Summary

DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://tetraph.com/security/full-path-disclosure-…	x_refsource_MISC
	http://www.securityfocus.com/bid/72685	vdb-entryx_refsource_BID
	http://seclists.org/fulldisclosure/2015/Feb/67	mailing-listx_refsource_FULLDISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:10:15.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
          },
          {
            "name": "72685",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72685"
          },
          {
            "name": "20150218 DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-30T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
        },
        {
          "name": "72685",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72685"
        },
        {
          "name": "20150218 DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/",
              "refsource": "MISC",
              "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
            },
            {
              "name": "72685",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72685"
            },
            {
              "name": "20150218 DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2209",
    "datePublished": "2015-03-04T20:00:00",
    "dateReserved": "2015-03-04T00:00:00",
    "dateUpdated": "2024-08-06T05:10:15.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2064 (GCVE-0-2015-2064)

Vulnerability from cvelistv5 – Published: 2015-02-24 17:00 – Updated: 2024-08-06 05:02

Summary

Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://tetraph.com/security/xss-vulnerability/dlg…	x_refsource_MISC
	http://securityrelated.blogspot.com/2015/02/dlgua…	x_refsource_MISC
	http://www.securityfocus.com/bid/72684	vdb-entryx_refsource_BID
	http://seclists.org/fulldisclosure/2015/Feb/66	mailing-listx_refsource_FULLDISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:02:43.305Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
          },
          {
            "name": "72684",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72684"
          },
          {
            "name": "20150218 DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
        },
        {
          "name": "72684",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72684"
        },
        {
          "name": "20150218 DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2064",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/",
              "refsource": "MISC",
              "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
            },
            {
              "name": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html",
              "refsource": "MISC",
              "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
            },
            {
              "name": "72684",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72684"
            },
            {
              "name": "20150218 DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2064",
    "datePublished": "2015-02-24T17:00:00",
    "dateReserved": "2015-02-24T00:00:00",
    "dateUpdated": "2024-08-06T05:02:43.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2066 (GCVE-0-2015-2066)

Vulnerability from cvelistv5 – Published: 2015-02-24 17:00 – Updated: 2024-08-06 05:02

Summary

SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/72683	vdb-entryx_refsource_BID
	http://seclists.org/fulldisclosure/2015/Feb/69	mailing-listx_refsource_FULLDISC
	http://tetraph.com/security/sql-injection-vulnera…	x_refsource_MISC
	http://securityrelated.blogspot.com/2015/02/dlgua…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:02:43.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "72683",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72683"
          },
          {
            "name": "20150218 DLGuard SQL Injection Security Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "72683",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72683"
        },
        {
          "name": "20150218 DLGuard SQL Injection Security Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2066",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "72683",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72683"
            },
            {
              "name": "20150218 DLGuard SQL Injection Security Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
            },
            {
              "name": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/",
              "refsource": "MISC",
              "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
            },
            {
              "name": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html",
              "refsource": "MISC",
              "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2066",
    "datePublished": "2015-02-24T17:00:00",
    "dateReserved": "2015-02-24T00:00:00",
    "dateUpdated": "2024-08-06T05:02:43.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-5115 (GCVE-0-2011-5115)

Vulnerability from cvelistv5 – Published: 2012-08-23 20:00 – Updated: 2024-09-17 02:06

Summary

Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/46855	third-party-advisoryx_refsource_SECUNIA
	http://packetstormsecurity.org/files/106859/dlgua…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:23:40.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "46855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46855"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-08-23T20:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "46855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46855"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-5115",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "46855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46855"
            },
            {
              "name": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-5115",
    "datePublished": "2012-08-23T20:00:00Z",
    "dateReserved": "2012-08-23T00:00:00Z",
    "dateUpdated": "2024-09-17T02:06:48.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2209 (GCVE-0-2015-2209)

Vulnerability from nvd – Published: 2015-03-04 20:00 – Updated: 2024-08-06 05:10

Summary

DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://tetraph.com/security/full-path-disclosure-…	x_refsource_MISC
	http://www.securityfocus.com/bid/72685	vdb-entryx_refsource_BID
	http://seclists.org/fulldisclosure/2015/Feb/67	mailing-listx_refsource_FULLDISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:10:15.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
          },
          {
            "name": "72685",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72685"
          },
          {
            "name": "20150218 DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-30T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
        },
        {
          "name": "72685",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72685"
        },
        {
          "name": "20150218 DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/",
              "refsource": "MISC",
              "url": "http://tetraph.com/security/full-path-disclosure-vulnerability/dlguard-full-path-disclosure-information-leakage-security-vulnerabilities/"
            },
            {
              "name": "72685",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72685"
            },
            {
              "name": "20150218 DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/Feb/67"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2209",
    "datePublished": "2015-03-04T20:00:00",
    "dateReserved": "2015-03-04T00:00:00",
    "dateUpdated": "2024-08-06T05:10:15.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2064 (GCVE-0-2015-2064)

Vulnerability from nvd – Published: 2015-02-24 17:00 – Updated: 2024-08-06 05:02

Summary

Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://tetraph.com/security/xss-vulnerability/dlg…	x_refsource_MISC
	http://securityrelated.blogspot.com/2015/02/dlgua…	x_refsource_MISC
	http://www.securityfocus.com/bid/72684	vdb-entryx_refsource_BID
	http://seclists.org/fulldisclosure/2015/Feb/66	mailing-listx_refsource_FULLDISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:02:43.305Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
          },
          {
            "name": "72684",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72684"
          },
          {
            "name": "20150218 DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
        },
        {
          "name": "72684",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72684"
        },
        {
          "name": "20150218 DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2064",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to index.php or (4) search field (searchTerm parameter) in the main page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/",
              "refsource": "MISC",
              "url": "http://tetraph.com/security/xss-vulnerability/dlguard-multiple-xss-cross-site-scripting-security-vulnerabilities/"
            },
            {
              "name": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html",
              "refsource": "MISC",
              "url": "http://securityrelated.blogspot.com/2015/02/dlguard-multiple-xss-cross-site.html"
            },
            {
              "name": "72684",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72684"
            },
            {
              "name": "20150218 DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/Feb/66"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2064",
    "datePublished": "2015-02-24T17:00:00",
    "dateReserved": "2015-02-24T00:00:00",
    "dateUpdated": "2024-08-06T05:02:43.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2066 (GCVE-0-2015-2066)

Vulnerability from nvd – Published: 2015-02-24 17:00 – Updated: 2024-08-06 05:02

Summary

SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/72683	vdb-entryx_refsource_BID
	http://seclists.org/fulldisclosure/2015/Feb/69	mailing-listx_refsource_FULLDISC
	http://tetraph.com/security/sql-injection-vulnera…	x_refsource_MISC
	http://securityrelated.blogspot.com/2015/02/dlgua…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:02:43.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "72683",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72683"
          },
          {
            "name": "20150218 DLGuard SQL Injection Security Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "72683",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72683"
        },
        {
          "name": "20150218 DLGuard SQL Injection Security Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-2066",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "72683",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72683"
            },
            {
              "name": "20150218 DLGuard SQL Injection Security Vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2015/Feb/69"
            },
            {
              "name": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/",
              "refsource": "MISC",
              "url": "http://tetraph.com/security/sql-injection-vulnerability/dlguard-sql-injection-security-vulnerabilities/"
            },
            {
              "name": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html",
              "refsource": "MISC",
              "url": "http://securityrelated.blogspot.com/2015/02/dlguard-sql-injection-security.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2066",
    "datePublished": "2015-02-24T17:00:00",
    "dateReserved": "2015-02-24T00:00:00",
    "dateUpdated": "2024-08-06T05:02:43.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-5115 (GCVE-0-2011-5115)

Vulnerability from nvd – Published: 2012-08-23 20:00 – Updated: 2024-09-17 02:06

Summary

Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/46855	third-party-advisoryx_refsource_SECUNIA
	http://packetstormsecurity.org/files/106859/dlgua…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:23:40.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "46855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46855"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-08-23T20:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "46855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46855"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-5115",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the searchCart parameter to index.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "46855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46855"
            },
            {
              "name": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.org/files/106859/dlguardshoppingcart-xss.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-5115",
    "datePublished": "2012-08-23T20:00:00Z",
    "dateReserved": "2012-08-23T00:00:00Z",
    "dateUpdated": "2024-09-17T02:06:48.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

12 vulnerabilities found for dlguard by dlguard

FKIE_CVE-2015-2209

FKIE_CVE-2015-2066

FKIE_CVE-2015-2064

FKIE_CVE-2011-5115

CVE-2015-2209 (GCVE-0-2015-2209)

CVE-2015-2064 (GCVE-0-2015-2064)

CVE-2015-2066 (GCVE-0-2015-2066)

CVE-2011-5115 (GCVE-0-2011-5115)

CVE-2015-2209 (GCVE-0-2015-2209)

CVE-2015-2064 (GCVE-0-2015-2064)

CVE-2015-2066 (GCVE-0-2015-2066)

CVE-2011-5115 (GCVE-0-2011-5115)