Vendor
Easy Webstore
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-1343 | 0.04 | — | 0.10 | Jun 12, 2001 | ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter. | |||
| CVE-2008-2853 | 0.03 | — | 0.01 | Jun 25, 2008 | SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter. | |||
| CVE-2007-4109 | 0.03 | — | 0.01 | Jul 31, 2007 | SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter. | |||
| CVE-1999-0604 | 0.00 | — | 0.01 | Apr 20, 1999 | An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information. |
- CVE-2001-1343Jun 12, 2001risk 0.04cvss —epss 0.10
ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter.
- CVE-2008-2853Jun 25, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter.
- CVE-2007-4109Jul 31, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter.
- CVE-1999-0604Apr 20, 1999risk 0.00cvss —epss 0.01
An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.