Vulnerabilities > Kansok Communications
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-11 | CVE-2006-1707 | Remote Security vulnerability in Shopweezle index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter. | 5.0 |
2006-04-11 | CVE-2006-1706 | SQL Injection vulnerability in ShopWeezle Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) login.php and (b) memo.php; and the (2) itemgr, (3) brandID, and (4) album parameters to (c) index.php. | 7.5 |