Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freewebshop freewebshop vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2006-5847
Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the cat parameter.
Freewebshop Freewebshop
1 EDB exploit
NA
CVE-2011-5147
Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and previous versions allows remote malicious users to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a c...
Freewebshop Freewebshop 2.2.4
Freewebshop Freewebshop 2.2.3
Freewebshop Freewebshop 2.2.6
Freewebshop Freewebshop 2.2.5
Freewebshop Freewebshop 2.2.7
Freewebshop Freewebshop 2.1
Freewebshop Freewebshop 2.2.9
Freewebshop Freewebshop 2.2.2
Freewebshop Freewebshop 2.2.1
Freewebshop Freewebshop 2.2.7 Wip1 2
Freewebshop Freewebshop
1 EDB exploit
NA
CVE-2009-2338
Directory traversal vulnerability in includes/startmodules.inc.php in FreeWebshop.org 2.2.9 R2, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang_file parameter.
Freewebshop Freewebshop 2.2.9
1 EDB exploit
NA
CVE-2007-6711
Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, 2.2.6 and 2.2.7WIP1/2 allows remote malicious users to gain administrator privileges via unknown vectors.
Freewebshop Freewebshop 2.2.6
Freewebshop Freewebshop 2.2.5
Freewebshop Freewebshop 2.2.7 Wip1 2
NA
CVE-2007-6466
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote malicious users to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action...
Freewebshop Freewebshop 2.2.1
2 EDB exploits
NA
CVE-2007-0531
PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 prior to 20070123 allows remote malicious users to execute arbitrary PHP code via a URL in the lang_file parameter.
Freewebshop Freewebshop 2.2.4
Freewebshop Freewebshop 2.2.3
NA
CVE-2006-6941
index.php in FreeWebshop 2.2.2 and previous versions allows remote malicious users to obtain sensitive information via an invalid action parameter in an info operation, which discloses the path in an error message.
Freewebshop Freewebshop
1 EDB exploit
NA
CVE-2006-5846
Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and previous versions allows remote malicious users to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773.
Freewebshop Freewebshop
1 EDB exploit
NA
CVE-2006-5772
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) password and (2) prod parameter.
Freewebshop Freewebshop
1 EDB exploit
NA
CVE-2006-5773
Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and previous versions allows remote malicious users to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter.
Freewebshop Freewebshop
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started