← Back

Orion

orion

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Orion
1Woocommerce Products Designer
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ORION Woocommerce Products Designer plugin <= 4.3.3 versions.
1Orion
1Orion Application Server
Apr 23, 2026
Jan 13, 2010
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite fil...Show more
Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.Show less