Vulnerabilities > Bigware

DATE CVE VULNERABILITY TITLE RISK
2012-10-08 CVE-2012-5317 SQL Injection vulnerability in Bigware Shop 2.0/2.1.4
SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action.
network
low complexity
bigware CWE-89
7.5
2008-01-30 CVE-2008-0498 SQL Injection vulnerability in Bigware Shop 2.0
SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php.
network
low complexity
bigware CWE-89
7.5