Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openfreeway freeway vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3739
Freeway 1.5 Alpha allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/Freeway/boxes/last_product.php and certain other files.
Openfreeway Freeway 1.5
NA
CVE-2010-2925
SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote malicious users to execute arbitrary SQL commands via the ecPath parameter.
Openfreeway Freeway 1.4.3.210
1 EDB exploit
NA
CVE-2008-6013
Multiple SQL injection vulnerabilities in Freeway prior to 1.4.3.210 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors involving the (1) advanced search result and (2) service resource pages.
Openfreeway Freeway 1.3
Openfreeway Freeway 1.2.0.113
Openfreeway Freeway 1.1.1.81
Openfreeway Freeway 1.0.59
Openfreeway Freeway
Openfreeway Freeway 1.1.1.80
Openfreeway Freeway 1.1.1.76
Openfreeway Freeway 1.0.25
Openfreeway Freeway 1.4.1.171
Openfreeway Freeway 1.4.0.171
Openfreeway Freeway 1.4.1
Openfreeway Freeway 1.4
Openfreeway Freeway 1.4.1.197
Openfreeway Freeway 1.3.0.142
Openfreeway Freeway 1.3.2.154
Openfreeway Freeway 1.3.1.147
Openfreeway Freeway 1.3.2.160
Openfreeway Freeway 1.3.1.142
Openfreeway Freeway 1.0.060
NA
CVE-2008-3841
Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway eCommerce 1.4.1.171 allows remote malicious users to inject arbitrary web script or HTML via the search_link parameter.
Openfreeway Freeway 1.4.1.171
NA
CVE-2008-3769
PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the include_page parameter.
Openfreeway Freeway 1.4.1.171
NA
CVE-2008-3770
Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) includes/events_application_top.php; (2) english/acco...
Openfreeway Freeway 1.4.1.171
8 EDB exploits
NA
CVE-2008-3677
Directory traversal vulnerability in includes/events_application_top.php in Freeway prior to 1.4.2.197 allows remote malicious users to include and execute arbitrary local files via unspecified vectors.
Openfreeway Freeway 1.2.0.113
Openfreeway Freeway 1.3.0.142
Openfreeway Freeway 1.0.60
Openfreeway Freeway 1.1.1.81
Openfreeway Freeway 1.4
Openfreeway Freeway 1.0.25
Openfreeway Freeway 1.0.59
Openfreeway Freeway 1.3.2.160
Openfreeway Freeway 1.4.1
Openfreeway Freeway 1.3.1.147
Openfreeway Freeway 1.3.2.154
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started