CVE-2008-2038
- EPSS 0.32%
- Veröffentlicht 30.04.2008 16:17:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple SQL injection vulnerabilities in admin/adminindex.php in Turnkey Web Tools SunShop Shopping Cart 4.1.0 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) orderby and (2) sort parameters. NOTE: the proven...
CVE-2006-2124
- EPSS 0.69%
- Veröffentlicht 01.05.2006 22:06:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) itemid, (5) id, and (6) action parameters in index.php...
- EPSS 0.59%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Turnkey Web Tools SunShop Shopping Cart allows remote attackers to obtain sensitive information via a phpinfo action to (1) index.php, (2) admin/index.php, and (3) admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has d...
CVE-2002-0553
- EPSS 3.06%
- Veröffentlicht 03.07.2002 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.