SQL injection vulnerability in themes/kategorie/index.php in Randshop allows remote attackers to execute arbitrary SQL commands via the (1) kategorieid and (2) katid parameters.
8.8AI Score
0.01EPSS
PHP remote file inclusion vulnerability in index.php in Randshop 1.2 and earlier, including 0.9.3, allows remote attackers to execute arbitrary PHP code via a URL in the incl parameter.
7.9AI Score
0.056EPSS
PHP remote file inclusion vulnerability in includes/header.inc.php in Randshop 1.1.1 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter.
7.6AI Score
0.086EPSS
PHP remote file inclusion vulnerability in index.php in Randshop before 1.2 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter, a different vector than CVE-2006-3375.
7.6AI Score
0.086EPSS