Vulnerabilities > Sharky E Shop
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-23 | CVE-2006-3188 | SQL-Injection vulnerability in Sharky E-Shop Multiple SQL injection vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. | 7.5 |
2006-06-23 | CVE-2006-3187 | Cross-Site Scripting vulnerability in Sharky E-Shop Search_Prod_List.ASP Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. network sharky-e-shop | 4.3 |