Vulnerabilities > Mhproducts

DATE CVE VULNERABILITY TITLE RISK
2011-09-27 CVE-2010-4847 SQL Injection vulnerability in Mhproducts MHP Downloadshop
SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5
2011-09-27 CVE-2010-4846 SQL Injection vulnerability in Mhproducts PAY PAL Shop Digital
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5
2011-09-27 CVE-2010-4845 SQL Injection vulnerability in Mhproducts Projekt Shop
Multiple SQL injection vulnerabilities in MH Products Projekt Shop allow remote attackers to execute arbitrary SQL commands via the (1) ts parameter to details.php and possibly the (2) ilceler parameter to index.php.
network
low complexity
mhproducts CWE-89
7.5
7.5
2011-09-27 CVE-2010-4844 SQL Injection vulnerability in Mhproducts Easy Online Shop
SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5
2011-09-27 CVE-2010-4842 SQL Injection vulnerability in Mhproducts Download Center 2.2
SQL injection vulnerability in admin/login.php in MHP DownloadScript (aka MH Products Download Center) 2.2 allows remote attackers to execute arbitrary SQL commands via the Name parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5
2011-02-01 CVE-2010-4721 SQL Injection vulnerability in Mhproducts Immo Makler
SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5
2010-12-29 CVE-2010-4614 SQL Injection vulnerability in Mhproducts ERO Auktion 2010
SQL injection vulnerability in item.php in Ero Auktion 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-0723.
network
low complexity
mhproducts CWE-89
7.5
7.5
2010-02-26 CVE-2010-0723 SQL Injection vulnerability in Mhproducts ERO Auktion 2.0/2010
SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5
2010-02-26 CVE-2010-0722 SQL Injection vulnerability in Mhproducts PHP Auktion PRO
SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
mhproducts CWE-89
7.5
7.5