EUVD-2007-3433

Malware in sbrugna...

EUVD-2007-3432

Malware in sbrugna...

EUVD-2007-3431

Malware in sbrugna...

Sql injection

SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected...

CVE-2007-3448

Cross-site scripting XSS vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the msgs parameter. NOTE: 4.0.2 and other versions might also be affected...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the msgs parameter. NOTE: 4.0.2 and other versions might also be affected...

Default credentials

BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allows remote attackers to obtain login access...

CVE-2007-3447

SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected...

CVE-2007-3446

BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allows remote attackers to obtain login access...

CVE-2007-3447

SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected...

CVE-2007-3446

BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allows remote attackers to obtain login access...

CVE-2007-3446

The vulnerability CVE-2007-3446 affects BugMall Shopping Cart 2.5 and earlier. The issue is the default credentials: username “demo” and password “demo,” which allow remote attackers to obtain login access. This constitutes an authentication issue that can enable unauthorized access to the applic...

CVE-2007-3448

Cross-site scripting XSS vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the msgs parameter. NOTE: 4.0.2 and other versions might also be affected...

CVE-2007-3447

CVE-2007-3447 : SQL injection in BugMall Shopping Cart ≤2.5 (and possibly 4.0.2+) via the basic search box, enabling remote execution of arbitrary SQL. Root cause: unsafe SQL in the search functionality. No remediation details are provided in the connected documents.

CVE-2007-3448

CVE-2007-3448 describes a cross-site scripting vulnerability in BugMall Shopping Cart 2.5 and earlier. An attacker can inject arbitrary script via the msgs parameter in index.php. The NVD entry notes this affects 2.5 and earlier versions; 4.0.2 and other versions might also be affected. The CVSS ...

BugMall Shopping Cart 2.5 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. --==+================================================================================+==-- --==+ BUG MALL SHOPPING CART 2.5 AND PRIOR SQL, XSS, DEFAULT LOGINS VULNERABILITYS +==--...

BugMall Shopping Cart 2.5 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== BugMall Shopping Cart 2.5 SQL/XSS Multiple Remote Vulnerabilities ===================================================================...