Vulnerabilities > Powergap
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-08-10 | CVE-2008-3561 | SQL Injection vulnerability in Powergap Shopsystem SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter. | 6.8 |
2006-08-21 | CVE-2006-4236 | Remote File Include vulnerability in Powergap Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the (1) shopid parameter to (a) s01.php, (b) s02.php, (c) s03.php, and (d) s04.php; and possibly a URL located after "shopid=" or "sid=" in the PATH_INFO. | 7.5 |