Lucene search
K

13 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-5616

Malware in sbrugna...

6.8CVSS6.3AI score0.01324EPSS
Exploits1References5
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-5617

Malware in sbrugna...

6.8CVSS6.3AI score0.01232EPSS
Exploits1References6
packetstorm
packetstorm
added 2007/06/20 12:0 a.m.25 views

igshop14-eval.txt

!/usr/bin/perl -w use LWP::UserAgent; iG Shop 1.4 eval Inclusion Vulnerability found by IFX nyubicrew Vulnerability on page.php if !$action $action = "make"; // here the function will be called. eval "page$action;"; die "Example: perl $0 http://www.planetgolfuk.co.uk/shop\n" unless @ARGV; $b =...

7.4AI score
Exploits0
seebug
seebug
added 2007/05/13 12:0 a.m.133 views

iG Shop 1.4 (page.php) Remote SQL Injection Vulnerability

No description provided by source. Discovered by: gsy & kerem125 Website: www.kerem125.com Script Download: http://www.igeneric.co.uk/ig-shopping-cart.html exploit:/shop/page.php?pagetype=catalognavigate&typeid=-99%20union//select//password//from//users/...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/05/12 12:0 a.m.15 views

iG Shop 1.4 - page.php SQL Injection

iG Shop 1.4 - page.php SQL Injection Discovered by: gsy & kerem125 Website: www.kerem125.com Script Download: http://www.igeneric.co.uk/ig-shopping-cart.html exploit:/shop/page.php?pagetype=catalognavigate&typeid=-99%20union//select//password//from//users/...

0.2AI score
Exploits0
prion
prion
added 2007/01/09 11:28 a.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in displayreview.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id or 2 userlogincookie parameter...

7.5CVSS9.2AI score0.00926EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2007/01/09 11:0 a.m.20 views

CVE-2007-0132

SQL injection vulnerability in compareproduct.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.01755EPSS
Exploits1References8
cve
cve
added 2007/01/09 11:0 a.m.45 views

CVE-2007-0132

The CVE-2007-0132 entry concerns a SQL injection in the iGeneric iG Shop 1.4 application, specifically in compare_product.php. The underlying flaw allows an attacker to manipulate the id parameter to execute arbitrary SQL commands on the backend database. Affected component is the compare_product...

7.5CVSS8.4AI score0.01755EPSS
Exploits1References8Affected Software1
cve
cve
added 2007/01/09 11:0 a.m.49 views

CVE-2007-0133

The CVE-2007-0133 entry describes multiple SQL injection vulnerabilities in display_review.php for iGeneric iG Shop

7.5CVSS8.5AI score0.00926EPSS
Exploits0References2Affected Software1
cve
cve
added 2006/10/31 10:0 p.m.40 views

CVE-2006-5632

CVE-2006-5632 describes an XSS vulnerability in iG Shop 1.4 affecting change_pass.php via the id parameter. The root cause is improper handling/validation of the id parameter in that script, enabling remote attackers to inject arbitrary web script or HTML. The connected PT Security entries (PT-20...

6.8CVSS5.5AI score0.01232EPSS
Exploits1References4Affected Software1
cve
cve
added 2006/10/31 10:0 p.m.50 views

CVE-2006-5631

CVE-2006-5631: XSS in iG Shop 1.4's change_pass.php. Vulnerable when action parameter is not "1" (arbitrary query strings may inject script/HTML). Affected file: change_pass.php in iG Shop 1.4. CVSS v2 base score 6.8 (Medium). Mitigations in connected PT Security notes suggest restricting access ...

6.8CVSS5.7AI score0.01324EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2006/10/31 10:0 p.m.21 views

CVE-2006-5632

Cross-site scripting XSS vulnerability in changepass.php in iG Shop 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2006-5631. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

5.5AI score0.01232EPSS
Exploits1References4
cvelist
cvelist
added 2006/10/31 10:0 p.m.19 views

CVE-2006-5631

Cross-site scripting XSS vulnerability in changepass.php in iG Shop 1.4 allows remote attackers to inject arbitrary web script or HTML via arbitrary query strings when the action parameter is not "1", as demonstrated using script in the action parameter, a different vulnerability than CVE-2006-56...

5.6AI score0.01324EPSS
Exploits1References4
Rows per page
Query Builder