Comdev Ecommerce@3.0 Security Vulnerabilities and Issues — Comdev Ecommerce@3.0 CVE List

Lucene search

ComdevComdev Ecommerce3.0

3 matches found

CVE•added 2005/08/10 4:0 a.m.•39 views

CVE-2005-2544

PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter.

5CVSS7.6AI score0.00483EPSS

CVE•added 2005/07/05 4:0 a.m.•36 views

CVE-2005-2138

Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message.

4.3CVSS5.9AI score0.00331EPSS

CVE•added 2005/08/10 4:0 a.m.•31 views

CVE-2005-2543

Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter.

5CVSS6.7AI score0.03054EPSS