CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2025/05/22 7:35 a.m.•3 views

CVE-2017-8110

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php...

10CVSS7AI score0.00345EPSS

Exploits0References1

CNVD•added 2017/04/27 12:0 a.m.•2 views

eCommerce Shopsoftware XML External Entity Injection Vulnerability

eCommerce Shopsoftware eCommerce Shop Software is an open source online store system. An XML external entity injection vulnerability exists in the api/it-recht-kanzlei/api-it-recht-kanzlei.php file in eCommerce Shopsoftware version 2.0.2.2 rev 10690. An attacker could exploit this vulnerability t...

10CVSS7.2AI score0.00345EPSS

Exploits0References1

Prion•added 2017/04/25 5:59 p.m.•15 views

Code injection

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php...

7.5CVSS9.3AI score0.00345EPSS

Exploits0References1Affected Software1

Cvelist•added 2017/04/25 5:0 p.m.•13 views

CVE-2017-8110

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php...

9.5AI score0.00345EPSS

Exploits0References1

NVD•added 2017/02/15 7:59 p.m.•18 views

CVE-2016-3694

Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the 1 ordersstatus or 2 customersstatus parameter to api/easybill/easybillcsv.php...

9.8CVSS10AI score0.01178EPSS

Exploits5References2