VYPR
Vendor

Shaklee Product Catalog Project

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2008-6875Jul 24, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in default.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.

  • CVE-2009-1321Apr 17, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in search.asp in ASP Product Catalog 1.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.

  • CVE-2025-1405Feb 28, 2025
    risk 0.00cvss epss 0.00

    The Product Catalog Simple plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's show_products shortcode in all versions up to, and including, 1.7.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…

  • CVE-2014-7452Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Shaklee Product Catalog (aka com.wProductCatalog) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2007-5220Oct 5, 2007
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote attackers to execute arbitrary SQL commands via the cid parameter and possibly other parameters.