Kansok Communications Shopweezle vulnerabilities
2 known vulnerabilities affecting kansok_communications/shopweezle.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-1706P3HIGHCVSS 7.5PoCv2.0v2.0_personal+2 more2006-04-11
CVE-2006-1706 [HIGH] CVE-2006-1706: Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary
Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) login.php and (b) memo.php; and the (2) itemgr, (3) brandID, and (4) album parameters to (c) index.php. NOTE: this issue also produces resultant full path disclosure from invalid SQL queries.
nvd
CVE-2006-1707P4MEDIUMCVSS 5.0v2.0v2.0_personal+2 more2006-04-11
CVE-2006-1707 [MEDIUM] CVE-2006-1707: index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url par
index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter.
nvd