2 matches found
CVE-2008-0498
CVE-2008-0498 affects the Bigware Shop 2.0 platform. The vulnerability resides in the file main_bigware_53.tpl.php, where the pollid parameter in a poll results action to main_bigware_53.php is vulnerable to SQL injection. The issue allows remote attackers to potentially execute arbitrary SQL com...
CVE-2012-5317
Summary : CVE-2012-5317 is a SQL injection vulnerability in the Bigware Shop software prior to version 2.1.5. The flaw resides in the script main_bigware_43.php, where the lastname parameter in a process action can be manipulated to execute arbitrary SQL commands. Affected software : Bigware Shop...