Ashopsoftware Ashop Deluxe vulnerabilities
2 known vulnerabilities affecting ashopsoftware/ashop_deluxe.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-3136P3HIGHCVSS 7.5PoCv42008-07-10
CVE-2008-3136 [HIGH] CWE-89 CVE-2008-3136: SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute
SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.
nvd
CVE-2007-0056P4MEDIUMCVSS 6.8PoCv4.52007-01-04
CVE-2007-0056 [MEDIUM] CVE-2007-0056: Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Pan
Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop/catalogue.php, the (3) searchstring parameter to (c) ashop/search.php, the (4) checkou
nvd