RSS   Vulnerabilities for 'Digishop'   RSS

2006-10-05
 
CVE-2006-5164

CWE-Other
 

 
Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum Effect Software digiSHOP 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sortBy or (2) search parameters.

 
2005-12-31
 
CVE-2005-4614

 

 
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.

 


Copyright 2024, cxsecurity.com

 

Back to Top