Show filters
49 Total Results
Displaying 41-49 of 49
Sort by:
Attacker Value
Unknown
CVE-2008-2568
Disclosure Date: June 06, 2008 (last updated October 04, 2023)
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php.
0
Attacker Value
Unknown
CVE-2006-6074
Disclosure Date: November 24, 2006 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart allow remote attackers to execute arbitrary SQL commands via (1) the ProductID parameter in (a) reviews.asp, or the (2) cat_id or (3) sub_id parameter in (b) subProducts.asp. NOTE: the productdetail.asp vector is already covered by another identifier.
0
Attacker Value
Unknown
CVE-2006-6073
Disclosure Date: November 24, 2006 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter in productdetail.asp or the (2) categoryid parameter in products.asp.
0
Attacker Value
Unknown
CVE-2006-4871
Disclosure Date: September 19, 2006 (last updated October 04, 2023)
SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan Janghorbani) EShoppingPro 1.0 allows remote attackers to execute arbitrary SQL commands via the order parameter.
0
Attacker Value
Unknown
CVE-2006-3235
Disclosure Date: June 27, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) promocja, (2) wysw, or (3) id_produc parameters.
0
Attacker Value
Unknown
CVE-2006-3234
Disclosure Date: June 27, 2006 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters.
0
Attacker Value
Unknown
CVE-2006-3156
Disclosure Date: June 22, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.cgi in Ultimate eShop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the subid parameter.
0
Attacker Value
Unknown
CVE-2006-2038
Disclosure Date: April 26, 2006 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) RecordID parameter in (a) Customeraddresses_RecordAction.cfm and (b) youraccount.cfm; (2) solus parameter in (c) detail.cfm; and (3) cat parameter in (d) category.cfm.
0
Attacker Value
Unknown
CVE-2003-0509
Disclosure Date: August 07, 2003 (last updated February 22, 2025)
SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp.
0
