CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-17072

Malware in sbrugna...

10CVSS8.7AI score0.00345EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-6728

Malware in sbrugna...

6.8CVSS6.4AI score0.03103EPSS

Exploits0References6

RedhatCVE•added 2025/05/22 7:35 a.m.•2 views

CVE-2017-8110

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php...

10CVSS7AI score0.00345EPSS

Exploits0References1

CNVD•added 2017/04/27 12:0 a.m.•2 views

eCommerce Shopsoftware XML External Entity Injection Vulnerability

eCommerce Shopsoftware eCommerce Shop Software is an open source online store system. An XML external entity injection vulnerability exists in the api/it-recht-kanzlei/api-it-recht-kanzlei.php file in eCommerce Shopsoftware version 2.0.2.2 rev 10690. An attacker could exploit this vulnerability t...

10CVSS7.2AI score0.00345EPSS

Exploits0References1

Prion•added 2017/04/25 5:59 p.m.•12 views

Code injection

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php...

7.5CVSS9.3AI score0.00345EPSS

Exploits0References1Affected Software1

OSV•added 2017/04/25 5:59 p.m.•0 views

CVE-2017-8110

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php...

10CVSS5.8AI score

Exploits0References1

Cvelist•added 2017/04/25 5:0 p.m.•13 views

CVE-2017-8110

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php...

9.5AI score0.00345EPSS

Exploits0References1

CVE•added 2017/04/25 5:0 p.m.•41 views

CVE-2017-8110

CVE-2017-8110 affects www.modified-shop.org’s eCommerce Shopsoftware 2.0.2.2 rev 10690, with an XML External Entity (XXE) vulnerability in api/it-recht-kanzlei/api-it-recht-kanzlei.php. The CNVD entry notes risk of reading arbitrary files or DoS via XXE; other sources corroborate the same vulnera...

10CVSS9.3AI score0.00345EPSS

Exploits0References1Affected Software1

NVD•added 2017/02/15 7:59 p.m.•9 views

CVE-2016-3694

Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the 1 ordersstatus or 2 customersstatus parameter to api/easybill/easybillcsv.php...

9.8CVSS10AI score0.01178EPSS

Exploits5References2

OSV•added 2017/02/15 7:59 p.m.•1 views

CVE-2016-3694

9.8CVSS6.1AI score

Exploits0References2

Prion•added 2017/02/15 7:59 p.m.•10 views

Sql injection

7.5CVSS9.2AI score0.01178EPSS

Exploits5References2Affected Software1

CVE•added 2017/02/15 7:0 p.m.•57 views

CVE-2016-3694

CVE-2016-3694 affects modified eCommerce Shopsoftware 2.0.0.0 revision 9678. The vulnerability is a GET-based SQL injection: the parameters orders_status and customers_status passed to api/easybill/easybillcsv.php are not adequately filtered, enabling remote attackers to execute arbitrary SQL com...

9.8CVSS10AI score0.01178EPSS

Exploits5References2Affected Software1

seebug.org•added 2016/07/02 12:0 a.m.•13 views

modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection

No description provided by source...

7.1AI score

Exploits0

0day.today•added 2016/04/19 12:0 a.m.•168 views

modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection

Exploit for php platform in category web applications...

7.5CVSS1.9AI score0.01178EPSS

Exploits5

seebug.org•added 2014/07/01 12:0 a.m.•18 views

xt:Commerce Shopsoftware (fckeditor) Arbitrary File Upload Vulnerability

No description provided by source...

7.1AI score

Exploits0

Packet Storm•added 2010/11/09 12:0 a.m.•27 views

xt:Commerce Shopsoftware Arbitrary File Upload

============================================================= xt:Commerce Shopsoftware fckeditor File Upload Vulnerability ============================================================= Exploit Title: xt:Commerce Shopsoftware fckeditor Date: 08/11/2010 Author: Net.Edit0r Software Link:...

0.1AI score

Exploits0

exploitpack•added 2010/11/08 12:0 a.m.•26 views

xt:Commerce Shopsoftware 34 - FCKeditor Arbitrary File Upload

xt:Commerce Shopsoftware 34 - FCKeditor Arbitrary File Upload ============================================================= xt:Commerce Shopsoftware fckeditor File Upload Vulnerability ============================================================= Exploit Title: xt:Commerce Shopsoftware fckeditor...

0.5AI score

Exploits0

Exploit DB•added 2010/11/08 12:0 a.m.•24 views

xt:Commerce Shopsoftware 3/4 - 'FCKeditor' Arbitrary File Upload

7.4AI score

Exploits0

Prion•added 2009/04/29 6:30 p.m.•7 views

Unrestricted file upload

Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/upload/...

6.8CVSS8.1AI score0.03103EPSS

Exploits0References5

CVE•added 2009/04/29 6:6 p.m.•42 views

CVE-2008-6768

CVE-2008-6768 concerns an unrestricted file upload vulnerability in the K&S Shopsoftware product, specifically in the admin/editor/images.php module. The issue arises when an attacker uploads a file with an executable extension, which can then be accessed via a direct request to the uploaded file...

6.8CVSS7.9AI score0.03103EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by