Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpshop phpshop vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2011-1069
PHPShop up to and including 0.8.1 has XSS.
Phpshop Phpshop
435
VMScore
CVE-2010-4836
Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name_new parameter.
Phpshop Phpshop
1 EDB exploit
760
VMScore
CVE-2009-4571
Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote malicious users to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id para...
Phpshop Phpshop 0.8.1
2 EDB exploits
383
VMScore
CVE-2009-4570
Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows remote malicious users to inject arbitrary web script or HTML via the order_id parameter in an order/order_print action to the default URI.
Phpshop Phpshop 0.8.1
605
VMScore
CVE-2009-4572
Cross-site request forgery (CSRF) vulnerability in PhpShop 0.8.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that invoke the cartAdd function in a shop/cart action to the default URI.
Phpshop Phpshop 0.8.1
690
VMScore
CVE-2008-0681
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote malicious users to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.
Phpshop Phpshop 0.8.1
2 EDB exploits
605
VMScore
CVE-2008-6455
Session fixation vulnerability in Edikon phpShop 0.8.1 allows remote malicious users to hijack web sessions via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Edikon Phpshop 0.8.1
668
VMScore
CVE-2004-2010
PHP remote file inclusion vulnerability in index.php in phpShop 0.7.1 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the base_dir parameter to reference a URL on a remote web server that contains phpshop.cfg.
685
VMScore
CVE-2006-5096
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote malicious users to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_c...
Virtuemart Virtuemart Joomla Ecommerrce Edition Cms
1 EDB exploit
668
VMScore
CVE-2006-4263
Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules in mambo-phpshop (com_phpshop) for Mambo and Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) mod_phpsho...
Product Scroller Module Product Scroller Module
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started