VYPR

Pre Shopping Mall

by Preprojects

CVEs (6)

  • CVE-2008-6232Feb 20, 2009
    risk 0.03cvss epss 0.03

    Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

  • CVE-2008-6228Feb 20, 2009
    risk 0.03cvss epss 0.03

    Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".

  • CVE-2008-6227Feb 20, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.

  • CVE-2008-2114May 8, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.

  • CVE-2007-2674May 14, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter.

  • CVE-2006-2669May 30, 2006
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter in search.php (the "search box"), (2) the prodid parameter in detail.php, and the (3) cid parameter in…