Lucene search
K
Webasyst LlcShop-script

4 matches found

CVE
CVE
added 2007/04/03 4:0 p.m.50 views

CVE-2007-1855

CVE-2007-1855 describes multiple PHP remote file inclusion vulnerabilities in Shop-Script FREE, specifically in smarty/smarty_class.php, enabling an attacker to execute arbitrary PHP code by supplying a URL to one of five parameters (_smarty_compile_path, smarty_compile_path, get_plugin_filepath,...

7.5CVSS7.5AI score0.01356EPSS
CVE
CVE
added 2010/04/16 7:0 p.m.50 views

CVE-2010-1462

CVE-2010-1462 affects WebAsyst Shop-Script FREE and is a directory traversal vulnerability exploitable through the sub parameter. The known impact is described as unknown in the CVE entry; the NVD entry lists a base score of 10.0 (HIGH) with network attack vector and complete impact on confidenti...

10CVSS6.7AI score0.02273EPSS
CVE
CVE
added 2010/04/16 7:0 p.m.43 views

CVE-2010-1463

CVE-2010-1463 concerns multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE. According to the NVD entry, an attacker can execute arbitrary SQL commands through a set of parameters: add2cart, c_id, categoryID, list_price, name, new_offer, price, product_code, productID, rating, and ...

7.5CVSS8.7AI score0.01246EPSS
CVE
CVE
added 2006/10/27 4:0 p.m.42 views

CVE-2006-5566

CRLF injection vulnerability (CVE-2006-5566) in Shop-Script’s premium/index.php allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in the following parameters: links_exchange, news, search_with_change_category_ability, logging, feedback...

5CVSS7.4AI score0.02195EPSS
Web