Vulnerabilities > Shopex > Ecshop

DATE CVE VULNERABILITY TITLE RISK
2021-06-16 CVE-2020-22204 SQL Injection vulnerability in Shopex Ecshop 2.7.6
SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php.
network
low complexity
shopex CWE-89
7.5
2021-06-16 CVE-2020-22205 SQL Injection vulnerability in Shopex Ecshop 3.0
SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.
network
low complexity
shopex CWE-89
7.5
2021-06-16 CVE-2020-22206 SQL Injection vulnerability in Shopex Ecshop 3.0
SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.
network
low complexity
shopex CWE-89
7.5
2010-05-25 CVE-2010-2042 SQL Injection vulnerability in Shopex Ecshop 2.7.2
SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter.
network
low complexity
shopex CWE-89
7.5