absoluteengine Absolut Engine 1.73
Approved changes feed: RSS · Atom
cpe:2.3:a:absolutengine:absolut_engine:1.73:*:*:*:*:*:*:*
part: a version: 1.73 update: *
| Vendor | Absolutengine (780a287d-a2b3-5385-ad7a-e402f38f0945) |
|---|---|
| Product | Absolut Engine (9ad94cdb-a4ac-52aa-abd6-d4fa5024c91b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-9435 |
vulnerable | 2026-06-03 14:34:26.964881 |
Details available
Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow remote authenticated users to execute arbitrary SQL commands via the (1) sectionID parameter to admin/managersection.php, (2) userID parameter to admin/edituser.php, (3) username parameter to admin/admin.php, or (4) title parameter to admin/managerrelated.php.
Published: 2015-01-02T19:00:00.000Z
Updated: 2024-09-16T17:58:30.860Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-9434 |
vulnerable | 2026-06-03 14:34:26.964492 |
Details available
Cross-site scripting (XSS) vulnerability in admin/managerrelated.php in the administrative backend in Absolut Engine 1.73 allows remote authenticated users to inject arbitrary web script or HTML via the title parameter.
Published: 2015-01-02T19:00:00.000Z
Updated: 2024-09-17T04:19:15.973Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.