Vulnerabilities > Bugmall

DATE	CVE	VULNERABILITY TITLE	RISK
2007-06-27	CVE-2007-3448	Cross-Site Scripting vulnerability in Bugmall Shopping Cart Cross-site scripting (XSS) vulnerability in index.php in BugMall Shopping Cart 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the msgs parameter. network bugmall CWE-79	4.3
2007-06-27	CVE-2007-3447	SQL Injection vulnerability in Bugmall Shopping Cart 2.5 SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected. network bugmall CWE-89	6.8
2007-06-27	CVE-2007-3446	Unspecified vulnerability in Bugmall Shopping Cart BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allows remote attackers to obtain login access. network low complexity bugmall	7.5

Vulnerabilities > Bugmall {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bugmall"}]}