Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpshop phpshop vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-1069
PHPShop up to and including 0.8.1 has XSS.
Phpshop Phpshop
4.3
CVSSv2
CVE-2010-4836
Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name_new parameter.
Phpshop Phpshop
1 EDB exploit
6.8
CVSSv2
CVE-2008-0681
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote malicious users to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.
Phpshop Phpshop 0.8.1
2 EDB exploits
4.3
CVSSv2
CVE-2009-4570
Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows remote malicious users to inject arbitrary web script or HTML via the order_id parameter in an order/order_print action to the default URI.
Phpshop Phpshop 0.8.1
7.5
CVSSv2
CVE-2009-4571
Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote malicious users to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id para...
Phpshop Phpshop 0.8.1
2 EDB exploits
6.8
CVSSv2
CVE-2009-4572
Cross-site request forgery (CSRF) vulnerability in PhpShop 0.8.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that invoke the cartAdd function in a shop/cart action to the default URI.
Phpshop Phpshop 0.8.1
6.8
CVSSv2
CVE-2008-6455
Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote malicious users to hijack web sessions via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Edikon Phpshop 0.8.1
7.5
CVSSv2
CVE-2004-2010
PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg.
6.8
CVSSv2
CVE-2006-5096
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_c...
Virtuemart Virtuemart Joomla Ecommerrce Edition Cms
1 EDB exploit
7.5
CVSSv2
CVE-2006-4263
Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules in mambo-phpshop (com_phpshop) for Mambo and Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) mod_phpsho...
Product Scroller Module Product Scroller Module
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started