Vulnerabilities > Maran > PHP Shop
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-26 | CVE-2008-6296 | Permissions, Privileges, and Access Controls vulnerability in Maran PHP Shop admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo." | 7.5 |
2008-11-04 | CVE-2008-4880 | SQL Injection vulnerability in Maran PHP Shop SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879. | 7.5 |
2008-11-04 | CVE-2008-4879 | SQL Injection vulnerability in Maran PHP Shop SQL injection vulnerability in prod.php in Maran PHP Shop allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2008-4880. | 7.5 |