Comdev Ecommerce vulnerabilities
4 known vulnerabilities affecting comdev/comdev_ecommerce.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2005-2543P4MEDIUMCVSS 5.0PoCv3.02005-08-10
CVE-2005-2543 [MEDIUM] CVE-2005-2543: Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attacker
Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter.
nvd
CVE-2007-3081P3HIGHCVSS 7.5v4.12007-06-06
CVE-2007-3081 [HIGH] CVE-2007-3081: PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote
PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.
nvd
CVE-2005-2544P4MEDIUMCVSS 5.0v3.02005-08-10
CVE-2005-2544 [MEDIUM] CVE-2005-2544: PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attacker
PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter.
nvd
CVE-2005-2138P4MEDIUMCVSS 4.3v3.0v3.12005-07-05
CVE-2005-2138 [MEDIUM] CVE-2005-2138: Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote
Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message.
nvd