Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    10 vulnerabilities by omnistar_interactive

    CVE-2007-5724 (GCVE-0-2007-5724)

    Vulnerability from nvd – Published: 2007-10-30 21:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/482928/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/38300 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/3316 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/26234 vdb-entryx_refsource_BID
    http://secunia.com/advisories/27449 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "omnistar-kb-xss(38145)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38145"
              },
              {
                "name": "20071029 Omnistar Live Software Cross-Site Scripting Vulrnability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482928/100/0/threaded"
              },
              {
                "name": "38300",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38300"
              },
              {
                "name": "3316",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3316"
              },
              {
                "name": "26234",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26234"
              },
              {
                "name": "27449",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27449"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "omnistar-kb-xss(38145)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38145"
            },
            {
              "name": "20071029 Omnistar Live Software Cross-Site Scripting Vulrnability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482928/100/0/threaded"
            },
            {
              "name": "38300",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38300"
            },
            {
              "name": "3316",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3316"
            },
            {
              "name": "26234",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26234"
            },
            {
              "name": "27449",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27449"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5724",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "omnistar-kb-xss(38145)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38145"
                },
                {
                  "name": "20071029 Omnistar Live Software Cross-Site Scripting Vulrnability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482928/100/0/threaded"
                },
                {
                  "name": "38300",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38300"
                },
                {
                  "name": "3316",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3316"
                },
                {
                  "name": "26234",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26234"
                },
                {
                  "name": "27449",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27449"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5724",
        "datePublished": "2007-10-30T21:00:00.000Z",
        "dateReserved": "2007-10-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.604Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4952 (GCVE-0-2007-4952)

    Vulnerability from nvd – Published: 2007-09-18 20:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/25692 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/4418 exploitx_refsource_EXPLOIT-DB
    Date Public
    2007-09-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:27.450Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "25692",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25692"
              },
              {
                "name": "4418",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4418"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "25692",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25692"
            },
            {
              "name": "4418",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4418"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4952",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "25692",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25692"
                },
                {
                  "name": "4418",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4418"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4952",
        "datePublished": "2007-09-18T20:00:00.000Z",
        "dateReserved": "2007-09-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:27.450Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5917 (GCVE-0-2006-5917)

    Vulnerability from nvd – Published: 2006-11-15 15:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/451045/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/20990 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1865 third-party-advisoryx_refsource_SREASON
    http://s-a-p.ca/index.php?page=OurAdvisories&id=10 x_refsource_MISC
    http://secunia.com/advisories/22794 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1017208 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/4449 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-11-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:30.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061108 omnistar article manager [multiples injection sql]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451045/100/0/threaded"
              },
              {
                "name": "20990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20990"
              },
              {
                "name": "1865",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1865"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10"
              },
              {
                "name": "22794",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22794"
              },
              {
                "name": "1017208",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017208"
              },
              {
                "name": "ADV-2006-4449",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4449"
              },
              {
                "name": "omnistar-article-articleid-sql-injection(30166)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30166"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061108 omnistar article manager [multiples injection sql]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451045/100/0/threaded"
            },
            {
              "name": "20990",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20990"
            },
            {
              "name": "1865",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1865"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10"
            },
            {
              "name": "22794",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22794"
            },
            {
              "name": "1017208",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017208"
            },
            {
              "name": "ADV-2006-4449",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4449"
            },
            {
              "name": "omnistar-article-articleid-sql-injection(30166)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30166"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5917",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061108 omnistar article manager [multiples injection sql]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451045/100/0/threaded"
                },
                {
                  "name": "20990",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20990"
                },
                {
                  "name": "1865",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1865"
                },
                {
                  "name": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10",
                  "refsource": "MISC",
                  "url": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10"
                },
                {
                  "name": "22794",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22794"
                },
                {
                  "name": "1017208",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017208"
                },
                {
                  "name": "ADV-2006-4449",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4449"
                },
                {
                  "name": "omnistar-article-articleid-sql-injection(30166)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30166"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5917",
        "datePublished": "2006-11-15T15:00:00.000Z",
        "dateReserved": "2006-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:30.323Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3880 (GCVE-0-2005-3880)

    Vulnerability from nvd – Published: 2005-11-29 11:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/17773 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2623 vdb-entryx_refsource_VUPEN
    http://pridels0.blogspot.com/2005/11/omnistar-kba… x_refsource_MISC
    http://www.osvdb.org/21204 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/21203 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/15635 vdb-entryx_refsource_BID
    Date Public
    2005-11-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.549Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17773",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17773"
              },
              {
                "name": "ADV-2005-2623",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2623"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html"
              },
              {
                "name": "21204",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21204"
              },
              {
                "name": "21203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21203"
              },
              {
                "name": "15635",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15635"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-12-01T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17773",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17773"
            },
            {
              "name": "ADV-2005-2623",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2623"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html"
            },
            {
              "name": "21204",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21204"
            },
            {
              "name": "21203",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21203"
            },
            {
              "name": "15635",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15635"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3880",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17773",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17773"
                },
                {
                  "name": "ADV-2005-2623",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2623"
                },
                {
                  "name": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html",
                  "refsource": "MISC",
                  "url": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html"
                },
                {
                  "name": "21204",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21204"
                },
                {
                  "name": "21203",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21203"
                },
                {
                  "name": "15635",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15635"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3880",
        "datePublished": "2005-11-29T11:00:00.000Z",
        "dateReserved": "2005-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.549Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3840 (GCVE-0-2005-3840)

    Vulnerability from nvd – Published: 2005-11-26 22:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/21077 vdb-entryx_refsource_OSVDB
    http://pridels0.blogspot.com/2005/11/omnistar-liv… x_refsource_MISC
    http://secunia.com/advisories/17697 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2561 vdb-entryx_refsource_VUPEN
    Date Public
    2005-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21077"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html"
              },
              {
                "name": "17697",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17697"
              },
              {
                "name": "ADV-2005-2561",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2561"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter.  NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-02-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21077",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21077"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html"
            },
            {
              "name": "17697",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17697"
            },
            {
              "name": "ADV-2005-2561",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2561"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3840",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter.  NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21077",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21077"
                },
                {
                  "name": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html",
                  "refsource": "MISC",
                  "url": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html"
                },
                {
                  "name": "17697",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17697"
                },
                {
                  "name": "ADV-2005-2561",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2561"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3840",
        "datePublished": "2005-11-26T22:00:00.000Z",
        "dateReserved": "2005-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.526Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5724 (GCVE-0-2007-5724)

    Vulnerability from cvelistv5 – Published: 2007-10-30 21:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/482928/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/38300 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/3316 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/26234 vdb-entryx_refsource_BID
    http://secunia.com/advisories/27449 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "omnistar-kb-xss(38145)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38145"
              },
              {
                "name": "20071029 Omnistar Live Software Cross-Site Scripting Vulrnability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482928/100/0/threaded"
              },
              {
                "name": "38300",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38300"
              },
              {
                "name": "3316",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3316"
              },
              {
                "name": "26234",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26234"
              },
              {
                "name": "27449",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27449"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "omnistar-kb-xss(38145)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38145"
            },
            {
              "name": "20071029 Omnistar Live Software Cross-Site Scripting Vulrnability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482928/100/0/threaded"
            },
            {
              "name": "38300",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38300"
            },
            {
              "name": "3316",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3316"
            },
            {
              "name": "26234",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26234"
            },
            {
              "name": "27449",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27449"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5724",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to inject arbitrary web script or HTML via (1) the category_id parameter to users/kb.php, and possibly (3) the Email Box field in profile.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "omnistar-kb-xss(38145)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38145"
                },
                {
                  "name": "20071029 Omnistar Live Software Cross-Site Scripting Vulrnability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482928/100/0/threaded"
                },
                {
                  "name": "38300",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38300"
                },
                {
                  "name": "3316",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3316"
                },
                {
                  "name": "26234",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26234"
                },
                {
                  "name": "27449",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27449"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5724",
        "datePublished": "2007-10-30T21:00:00.000Z",
        "dateReserved": "2007-10-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.604Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4952 (GCVE-0-2007-4952)

    Vulnerability from cvelistv5 – Published: 2007-09-18 20:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/25692 vdb-entryx_refsource_BID
    https://www.exploit-db.com/exploits/4418 exploitx_refsource_EXPLOIT-DB
    Date Public
    2007-09-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:27.450Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "25692",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25692"
              },
              {
                "name": "4418",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4418"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "25692",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25692"
            },
            {
              "name": "4418",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4418"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4952",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "25692",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25692"
                },
                {
                  "name": "4418",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4418"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4952",
        "datePublished": "2007-09-18T20:00:00.000Z",
        "dateReserved": "2007-09-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:27.450Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5917 (GCVE-0-2006-5917)

    Vulnerability from cvelistv5 – Published: 2006-11-15 15:00 – Updated: 2024-08-07 20:12
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/451045/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/20990 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1865 third-party-advisoryx_refsource_SREASON
    http://s-a-p.ca/index.php?page=OurAdvisories&id=10 x_refsource_MISC
    http://secunia.com/advisories/22794 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1017208 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2006/4449 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-11-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:12:30.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061108 omnistar article manager [multiples injection sql]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451045/100/0/threaded"
              },
              {
                "name": "20990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20990"
              },
              {
                "name": "1865",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1865"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10"
              },
              {
                "name": "22794",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22794"
              },
              {
                "name": "1017208",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017208"
              },
              {
                "name": "ADV-2006-4449",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4449"
              },
              {
                "name": "omnistar-article-articleid-sql-injection(30166)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30166"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061108 omnistar article manager [multiples injection sql]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451045/100/0/threaded"
            },
            {
              "name": "20990",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20990"
            },
            {
              "name": "1865",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1865"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10"
            },
            {
              "name": "22794",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22794"
            },
            {
              "name": "1017208",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017208"
            },
            {
              "name": "ADV-2006-4449",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4449"
            },
            {
              "name": "omnistar-article-articleid-sql-injection(30166)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30166"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5917",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061108 omnistar article manager [multiples injection sql]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451045/100/0/threaded"
                },
                {
                  "name": "20990",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20990"
                },
                {
                  "name": "1865",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1865"
                },
                {
                  "name": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10",
                  "refsource": "MISC",
                  "url": "http://s-a-p.ca/index.php?page=OurAdvisories\u0026id=10"
                },
                {
                  "name": "22794",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22794"
                },
                {
                  "name": "1017208",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017208"
                },
                {
                  "name": "ADV-2006-4449",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4449"
                },
                {
                  "name": "omnistar-article-articleid-sql-injection(30166)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30166"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5917",
        "datePublished": "2006-11-15T15:00:00.000Z",
        "dateReserved": "2006-11-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:12:30.323Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3880 (GCVE-0-2005-3880)

    Vulnerability from cvelistv5 – Published: 2005-11-29 11:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/17773 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2623 vdb-entryx_refsource_VUPEN
    http://pridels0.blogspot.com/2005/11/omnistar-kba… x_refsource_MISC
    http://www.osvdb.org/21204 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/21203 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/15635 vdb-entryx_refsource_BID
    Date Public
    2005-11-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.549Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17773",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17773"
              },
              {
                "name": "ADV-2005-2623",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2623"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html"
              },
              {
                "name": "21204",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21204"
              },
              {
                "name": "21203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21203"
              },
              {
                "name": "15635",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15635"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-12-01T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17773",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17773"
            },
            {
              "name": "ADV-2005-2623",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2623"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html"
            },
            {
              "name": "21204",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21204"
            },
            {
              "name": "21203",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21203"
            },
            {
              "name": "15635",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15635"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3880",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17773",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17773"
                },
                {
                  "name": "ADV-2005-2623",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2623"
                },
                {
                  "name": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html",
                  "refsource": "MISC",
                  "url": "http://pridels0.blogspot.com/2005/11/omnistar-kbase-sql-inj-vuln.html"
                },
                {
                  "name": "21204",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21204"
                },
                {
                  "name": "21203",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21203"
                },
                {
                  "name": "15635",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15635"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3880",
        "datePublished": "2005-11-29T11:00:00.000Z",
        "dateReserved": "2005-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.549Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3840 (GCVE-0-2005-3840)

    Vulnerability from cvelistv5 – Published: 2005-11-26 22:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/21077 vdb-entryx_refsource_OSVDB
    http://pridels0.blogspot.com/2005/11/omnistar-liv… x_refsource_MISC
    http://secunia.com/advisories/17697 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2561 vdb-entryx_refsource_VUPEN
    Date Public
    2005-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "21077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/21077"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html"
              },
              {
                "name": "17697",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17697"
              },
              {
                "name": "ADV-2005-2561",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2561"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter.  NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-02-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "21077",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/21077"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html"
            },
            {
              "name": "17697",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17697"
            },
            {
              "name": "ADV-2005-2561",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2561"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3840",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter.  NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "21077",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/21077"
                },
                {
                  "name": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html",
                  "refsource": "MISC",
                  "url": "http://pridels0.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html"
                },
                {
                  "name": "17697",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17697"
                },
                {
                  "name": "ADV-2005-2561",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2561"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3840",
        "datePublished": "2005-11-26T22:00:00.000Z",
        "dateReserved": "2005-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.526Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }