Quadcomm
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-6259 | 0.03 | — | 0.02 | Feb 24, 2009 | Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter. | |||
| CVE-2008-6258 | 0.03 | — | 0.01 | Feb 24, 2009 | SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108. | |||
| CVE-2006-4852 | 0.03 | — | 0.05 | Sep 19, 2006 | SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter. | |||
| CVE-2004-2108 | 0.00 | — | 0.03 | Dec 31, 2004 | Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or… | |||
| CVE-2004-2109 | 0.00 | — | 0.02 | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.asp or (2) recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL. |
- CVE-2008-6259Feb 24, 2009risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter.
- CVE-2008-6258Feb 24, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108.
- CVE-2006-4852Sep 19, 2006risk 0.03cvss —epss 0.05
SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter.
- CVE-2004-2108Dec 31, 2004risk 0.00cvss —epss 0.03
Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or…
- CVE-2004-2109Dec 31, 2004risk 0.00cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.asp or (2) recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL.