Vendor
Powergap
Products
3
CVEs
3
Across products
4
Status
Private
Products
3- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-4236 | 0.04 | — | 0.09 | Aug 21, 2006 | Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the (1) shopid parameter to (a) s01.php, (b) s02.php, (c) s03.php, and (d) s04.php; and possibly a URL located after "shopid=" or "sid=" in the… | |||
| CVE-2008-3561 | 0.03 | — | 0.01 | Aug 10, 2008 | SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter. | |||
| CVE-2006-1684 | 0.00 | — | 0.01 | Apr 11, 2006 | Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors. |
- CVE-2006-4236Aug 21, 2006risk 0.04cvss —epss 0.09
Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the (1) shopid parameter to (a) s01.php, (b) s02.php, (c) s03.php, and (d) s04.php; and possibly a URL located after "shopid=" or "sid=" in the…
- CVE-2008-3561Aug 10, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter.
- CVE-2006-1684Apr 11, 2006risk 0.00cvss —epss 0.01
Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.