2 matches found
CVE-2008-2882
upgrade.asp in sHibby sHop 2.2 and earlier does not require administrative authentication, which allows remote attackers to update a file or have unspecified other impact via a direct request...
CVE-2008-2882
CVE-2008-2882 affects the web application component upgrade.asp in sHibby sHop 2.2 and earlier . The vulnerability arises because the upgrade action does not require administrative authentication, enabling a remote attacker to update a file (via a direct request) and potentially cause other impac...