My123Tkshop E-Commerce-Suite vulnerabilities
2 known vulnerabilities affecting my123tkshop/e-commerce-suite.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2007-6458P3HIGHCVSS 7.5PoCv0.9.12007-12-20
CVE-2007-6458 [HIGH] CWE-89 CVE-2007-6458: SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execu
SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded value of the admin parameter to shop/admin.php.
nvd
CVE-2008-2020P4HIGHCVSS 7.5v0.9.12008-04-30
CVE-2008-2020 [HIGH] CWE-330 CVE-2008-2020: The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Co
The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and (8) Labgab 1.1 uses a code_bg.jpg background image and the PHP ImageString f
nvd