Digishop
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-4633 | 0.03 | — | 0.01 | Dec 30, 2010 | SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vulnerability than CVE-2005-4614.1. | |||
| CVE-2006-5164 | 0.03 | — | 0.02 | Oct 5, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum Effect Software digiSHOP 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sortBy or (2) search parameters. | |||
| CVE-2005-4614 | 0.00 | — | 0.01 | Dec 31, 2005 | Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters. |
- CVE-2010-4633Dec 30, 2010risk 0.03cvss —epss 0.01
SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vulnerability than CVE-2005-4614.1.
- CVE-2006-5164Oct 5, 2006risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum Effect Software digiSHOP 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sortBy or (2) search parameters.
- CVE-2005-4614Dec 31, 2005risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.