Pre Shopping Mall
by Preprojects
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-6232 | 0.03 | — | 0.03 | Feb 20, 2009 | Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin". | |||
| CVE-2008-6228 | 0.03 | — | 0.03 | Feb 20, 2009 | Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin". | |||
| CVE-2008-6227 | 0.03 | — | 0.01 | Feb 20, 2009 | SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters. | |||
| CVE-2008-2114 | 0.03 | — | 0.01 | May 8, 2008 | SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | |||
| CVE-2007-2674 | 0.03 | — | 0.01 | May 14, 2007 | SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter. | |||
| CVE-2006-2669 | 0.00 | — | 0.02 | May 30, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter in search.php (the "search box"), (2) the prodid parameter in detail.php, and the (3) cid parameter in… |
- CVE-2008-6232Feb 20, 2009risk 0.03cvss —epss 0.03
Pre Shopping Mall allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
- CVE-2008-6228Feb 20, 2009risk 0.03cvss —epss 0.03
Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
- CVE-2008-6227Feb 20, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.
- CVE-2008-2114May 8, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
- CVE-2007-2674May 14, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
- CVE-2006-2669May 30, 2006risk 0.00cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter in search.php (the "search box"), (2) the prodid parameter in detail.php, and the (3) cid parameter in…