Lucene search

Php Shop Security Vulnerabilities

cve

CVE-2008-7240

Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template...

7.2AI Score

0.008EPSS

2009-09-17 06:30 PM

cve

CVE-2009-2773

PHP remote file inclusion vulnerability in home.php in PHP Paid 4 Mail Script allows remote attackers to execute arbitrary PHP code via a URL in the page...

7.8AI Score

0.057EPSS

2009-08-14 05:30 PM

cve

CVE-2008-6296

admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to...

7.4AI Score

0.017EPSS

2009-02-26 04:17 PM

cve

CVE-2008-5648

SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the admin_username parameter. NOTE: some of these details are obtained from third party...

8.4AI Score

0.001EPSS

2008-12-17 06:30 PM

cve

CVE-2008-4880

SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than...

8.3AI Score

0.001EPSS

2008-11-04 12:57 AM

cve

CVE-2008-4879

SQL injection vulnerability in prod.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than...

8.3AI Score

0.001EPSS

2008-11-04 12:57 AM

cve

CVE-2008-1042

Directory traversal vulnerability in include/body.inc.php in Linux Web Shop (LWS) php Download Manager 1.0 and 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content...

7.1AI Score

0.018EPSS

2008-02-27 07:44 PM

cve

CVE-2008-1043

PHP remote file inclusion vulnerability in templates/default/header.inc.php in Linux Web Shop (LWS) php User Base 1.3 BETA allows remote attackers to execute arbitrary PHP code via a URL in the menu...

7.5AI Score

0.036EPSS

2008-02-27 07:44 PM

cve

CVE-2008-0522

Cross-site scripting (XSS) vulnerability in multiple Hal Networks shopping-cart products allows remote attackers to inject arbitrary web script or HTML via unspecified...

5.7AI Score

0.003EPSS

2008-01-31 08:00 PM

cve

CVE-2006-4052

Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Simple Shop 2.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) admin/index.php, (2) admin/adminindex.php, (3) admin/adminglobal.php, (4) admin/login.php, (5)...

7.7AI Score

0.681EPSS

2006-08-10 12:04 AM