Q-shop Security Vulnerabilities and Issues — Q-shop CVE List

Lucene search

QuadcommQ-shop

2 matches found

CVE•added 2009/02/24 6:30 p.m.•41 views

CVE-2008-6258

SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108.

7.5CVSS8.7AI score0.03662EPSS

CVE•added 2009/02/24 6:30 p.m.•33 views

CVE-2008-6259

Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter.

4.3CVSS6AI score0.01719EPSS