Vulnerabilities > SUM Effect Software
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-05 | CVE-2006-5164 | Cross-Site Scripting vulnerability in SUM Effect Software Digishop 4.0 Multiple cross-site scripting (XSS) vulnerabilities in cart.php in Sum Effect Software digiSHOP 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sortBy or (2) search parameters. network sum-effect-software | 6.8 |
2005-12-31 | CVE-2005-4614 | SQL-Injection vulnerability in digiSHOP Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters. | 7.5 |