Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ig Shop Security Vulnerabilities - February

cve
cve

CVE-2007-0132

SQL injection vulnerability in compare_product.php in iGeneric iG Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.

8.4AI Score

0.009EPSS

2007-01-09 11:28 AM
22
cve
cve

CVE-2007-0133

Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter.

8.5AI Score

0.002EPSS

2007-01-09 11:28 AM
26
cve
cve

CVE-2007-0134

Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in...

7.9AI Score

0.086EPSS

2007-01-09 11:28 AM
28
cve
cve

CVE-2007-2717

SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the type_id[] parameter, a different vector than CVE-2005-0537.

8.3AI Score

0.002EPSS

2007-05-16 07:28 PM
28