Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpshop phpshop vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4836
Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name_new parameter.
Phpshop Phpshop
1 EDB exploit
6.1
CVSSv3
CVE-2011-1069
PHPShop up to and including 0.8.1 has XSS.
Phpshop Phpshop
NA
CVE-2008-0681
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote malicious users to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.
Phpshop Phpshop 0.8.1
2 EDB exploits
NA
CVE-2009-4570
Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows remote malicious users to inject arbitrary web script or HTML via the order_id parameter in an order/order_print action to the default URI.
Phpshop Phpshop 0.8.1
NA
CVE-2009-4571
Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote malicious users to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id para...
Phpshop Phpshop 0.8.1
2 EDB exploits
NA
CVE-2009-4572
Cross-site request forgery (CSRF) vulnerability in PhpShop 0.8.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that invoke the cartAdd function in a shop/cart action to the default URI.
Phpshop Phpshop 0.8.1
NA
CVE-2008-6455
Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote malicious users to hijack web sessions via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Edikon Phpshop 0.8.1
NA
CVE-2004-2010
PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg.
NA
CVE-2006-5096
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_c...
Virtuemart Virtuemart Joomla Ecommerrce Edition Cms
1 EDB exploit
NA
CVE-2006-4263
Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules in mambo-phpshop (com_phpshop) for Mambo and Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) mod_phpsho...
Product Scroller Module Product Scroller Module
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started