Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
peel vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-1507
PEEL, possibly 3.x and previous versions, has (1) a default info@peel.fr account with password admin, and (2) a default contact@peel.fr account with password cinema, which allows remote malicious users to gain administrative access.
Peel Peel
Peel Peel 1.0b
Peel Peel 2.6
Peel Peel 2.7
1 EDB exploit
505
VMScore
CVE-2008-1506
PEEL, possibly 3.x and previous versions, allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Peel Peel 1.0b
Peel Peel 2.6
Peel Peel 2.7
Peel Peel
1 EDB exploit
655
VMScore
CVE-2008-1495
Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and previous versions, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by (1) image/gif an...
Peel Peel 2.6
Peel Peel 2.7
Peel Peel 1.0b
1 EDB exploit
755
VMScore
CVE-2008-1496
Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and previous versions, allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commande...
Peel Peel 1.0b
Peel Peel 2.6
Peel Peel 2.7
1 EDB exploit
668
VMScore
CVE-2005-3572
SQL injection vulnerability in index.php in Peel 2.6 up to and including 2.7 allows remote malicious users to execute arbitrary SQL commands via the rubid parameter.
Peel Peel 2.6
Peel Peel 2.7
312
VMScore
CVE-2021-27190
A Stored Cross Site Scripting(XSS) Vulnerability exists in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. The user supplied input containing polyglot payload is echoed back in javascript code in HTML response. This allows an malicious user to input malicious JavaScr...
Peel Peel Shopping 9.3.0
Peel Peel Shopping 9.4.0
1 Github repository
435
VMScore
CVE-2012-5226
Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) motclef parameter to achat/recherche.php or (2) PATH_INFO to index.php.
Peel Peel Shopping 2.8
Peel Peel Shopping 2.9
1 EDB exploit
755
VMScore
CVE-2012-5227
SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Peel Peel Shopping 2.8
Peel Peel Shopping 2.9
1 EDB exploit
505
VMScore
CVE-2002-2134
haut.php in PEEL 1.0b allows remote malicious users to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file.
Peel Peel 1.0b
1 EDB exploit
755
VMScore
CVE-2008-6892
SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote malicious users to execute arbitrary SQL commands via the rubid parameter. NOTE: this might be the same issue as CVE-2005-3572.
Peel Peel 3.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »