Vulnerabilities > Peel > Peel Shopping > 2.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-10-01 | CVE-2012-5227 | SQL Injection vulnerability in Peel Shopping 2.8/2.9 SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-10-01 | CVE-2012-5226 | Cross-Site Scripting vulnerability in Peel Shopping 2.8/2.9 Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) motclef parameter to achat/recherche.php or (2) PATH_INFO to index.php. | 4.3 |