Approved changes feed: RSS · Atom

cpe:2.3:a:aliacom:open_business_management:1.0.3_pl1:*:*:*:*:*:*:*

part: a version: 1.0.3_pl1 update: *

VendorAliacom (9a468cda-e7de-5594-97f0-052f417062d8)
ProductOpen Business Management (0341b57e-0b43-5c35-8d62-f66fbce0ec9d)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2006-3010 vulnerable 2026-06-08 04:49:08.041308 Details available
Multiple SQL injection vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote attackers to execute arbitrary SQL commands via the (1) new_order and (2) order_dir parameters to (a) index.php, (b) group/group_index.php, (c) user/user_index.php, (d) list/list_index.php, and (e) company/company_index.php, and the (3) entity and (4) tf_dateafter parameter to company/company_index.php.
Published: 2006-06-13T22:00:00.000Z
Updated: 2024-08-07T18:16:06.139Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-3009 vulnerable 2026-06-08 04:49:08.040762 Details available
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote attackers to inject arbitrary HTML or web script via the (1) tf_lang, (2) tf_name, (3) tf_user, (4) tf_lastname, (5) tf_contact, (6) tf_datebefore, and (7) tf_dateafter parameters to files such as (a) publication/publication_index.php, (b) group/group_index.php, (c) user/user_index.php, (d) list/list_index.php, and (e) company/company_index.php.
Published: 2006-06-13T22:00:00.000Z
Updated: 2024-08-07T18:16:05.112Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.