RSS   Vulnerabilities for 'Eshop plugin'   RSS

2017-01-23
 
CVE-2016-0769

 

 
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow (1) remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the (2) view, (3) mark, or (4) change parameter.

 
 
CVE-2016-0765

 

 
Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) action parameter.

 


Copyright 2019, cxsecurity.com

 

Back to Top