Lucene search
+L

5 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Q-Shop 3.0 - Remote XSS/SQL Injection Vulnerabilities

No description provided by source. 000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0 0 0 0 0 0 0 0 0 000 0 0 0 ...

7.1AI score
Exploits0
NVD
NVD
added 2009/02/24 6:30 p.m.24 views

CVE-2008-6258

SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the 1 UserID and 2 Pwd parameters. NOTE: this might be related to CVE-2004-2108...

7.5CVSS8.3AI score0.00973EPSS
Exploits1References4
CVE
CVE
added 2009/02/24 6:0 p.m.54 views

CVE-2008-6258

The CVE-2008-6258 entry describes an SQL injection vulnerability in QuadComm Q-Shop 3.0 (and possibly earlier) affecting users.asp, where the (1) UserID and (2) Pwd parameters allow remote attackers to execute arbitrary SQL commands. This is a classic input-based injection affecting the web appli...

7.5CVSS8.7AI score0.00973EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/02/24 6:0 p.m.45 views

CVE-2008-6259

CVE-2008-6259 describes a cross-site scripting (XSS) vulnerability in QuadComm Q-Shop 3.0 (search.asp) that allows an attacker to inject arbitrary script/HTML via the srkeys parameter. Affected product: QuadComm Q-Shop 3.0 and possibly earlier versions. Root cause: unsafeguarded handling of the s...

4.3CVSS6AI score0.01607EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/02/24 6:0 p.m.28 views

CVE-2008-6258

SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the 1 UserID and 2 Pwd parameters. NOTE: this might be related to CVE-2004-2108...

8.3AI score0.00973EPSS
Exploits1References4
Rows per page
Query Builder