VYPR

Comdev Ecommerce

by Comdev

CVEs (4)

  • CVE-2005-2543Aug 10, 2005
    risk 0.03cvss epss 0.06

    Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter.

  • CVE-2007-3081Jun 6, 2007
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.

  • CVE-2005-2544Aug 10, 2005
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter.

  • CVE-2005-2138Jul 5, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message.