VYPR

Deluxe

by Ashopsoftware

CVEs (2)

  • CVE-2008-3136Jul 10, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.

  • CVE-2007-0056Jan 4, 2007
    risk 0.03cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to…