14 matches found
CVE-2008-6278
Multiple cross-site scripting XSS vulnerabilities in product.php in RakhiSoftware Price Comparison Script aka Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the 1 categoryid and 2 subcategoryid parameters...
EUVD-2008-6249
Malware in sbrugna...
EUVD-2008-6247
Malware in sbrugna...
EUVD-2008-6248
Malware in sbrugna...
Design/Logic Flaw
RakhiSoftware Price Comparison Script aka Shopping Cart allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message...
Sql injection
SQL injection vulnerability in product.php in RakhiSoftware Price Comparison Script aka Shopping Cart allows remote attackers to execute arbitrary SQL commands via the subcategoryid parameter...
CVE-2008-6279
RakhiSoftware Price Comparison Script aka Shopping Cart allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message...
CVE-2008-6278
Multiple cross-site scripting XSS vulnerabilities in product.php in RakhiSoftware Price Comparison Script aka Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the 1 categoryid and 2 subcategoryid parameters...
CVE-2008-6278
Multiple cross-site scripting XSS vulnerabilities in product.php in RakhiSoftware Price Comparison Script aka Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the 1 categoryid and 2 subcategoryid parameters...
CVE-2008-6279
RakhiSoftware Price Comparison Script aka Shopping Cart allows remote attackers to obtain sensitive information via an invalid PHPSESSID cookie, which reveals the installation path in an error message...
CVE-2008-6278
The CVE-2008-6278 entry concerns RakhiSoftware Price Comparison Script (aka Shopping Cart). Affected component: product.php. Vulnerability: reflected cross-site scripting via two parameters, category_id and subcategory_id, allowing remote attackers to inject arbitrary web script or HTML. The root...
CVE-2008-6279
Vulnerability: RakhiSoftware Price Comparison Script (Shopping Cart) exposes installation path in error messages via an invalid PHPSESSID cookie, enabling remote disclosure of sensitive information. Affected: RakhiSoftware Price Comparison Script; root cause: PHPSESSID handling leads to error det...
CVE-2008-6277
SQL injection vulnerability in product.php in RakhiSoftware Price Comparison Script aka Shopping Cart allows remote attackers to execute arbitrary SQL commands via the subcategoryid parameter...
CVE-2008-6277
CVE-2008-6277 describes an SQL injection vulnerability in the RakhiSoftware Price Comparison Script (aka Shopping Cart). The flaw is in the file product.php and is exploitable via the subcategory_id parameter, enabling a remote attacker to execute arbitrary SQL commands. This AV:N/AC:L/ Au:N/C:P/...