| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-1908 | 7.5 |
Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the language parameter in a language action to the default URI, which is not properly handl
|
29-09-2017 - 01:30 | 22-04-2008 - 04:41 | |
| CVE-2008-1907 | 7.5 |
Multiple SQL injection vulnerabilities in functions/display_page.func.php in cpCommerce 1.1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_product, (2) id_manufacturer, and (3) id_category parameters to unspecified componen
|
29-09-2017 - 01:30 | 22-04-2008 - 04:41 | |
| CVE-2008-1906 | 4.3 |
Cross-site scripting (XSS) vulnerability in calendar.php in cpCommerce 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the year parameter in a view.year action.
|
29-09-2017 - 01:30 | 22-04-2008 - 04:41 |