Vulnerabilities > Looknet > Fineshop
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-27 | CVE-2006-3235 | Input Validation vulnerability in FineShop Multiple cross-site scripting (XSS) vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) promocja, (2) wysw, or (3) id_produc parameters. | 2.6 |
2006-06-27 | CVE-2006-3234 | Input Validation vulnerability in FineShop Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters. | 7.5 |