RSS   Vulnerabilities for 'Comdev ecommerce'   RSS

2007-06-06
 
CVE-2007-3081

CWE-Other
 

 
PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.

 
2005-08-10
 
CVE-2005-2544

 

 
PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter.

 
 
CVE-2005-2543

 

 
Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter.

 
2005-07-05
 
CVE-2005-2138

 

 
Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message.

 

 >>> Vendor: Comdev 11 Products
Comdev ecommerce
Comdev vote caster
Comdev csv importer
Comdev forum
Comdev misc tools
Comdev form designer
Comdev web blogger
Comdev one admin pro
Modules builder
Comdev news publisher
Jomestate pro


Copyright 2024, cxsecurity.com

 

Back to Top