Vulnerabilities > Webasyst LLC

DATE	CVE	VULNERABILITY TITLE	RISK
2010-04-16	CVE-2010-1463	SQL Injection vulnerability in Webasyst LLC Shop-Script Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the (1) add2cart, (2) c_id, (3) categoryID, (4) list_price, (5) name, (6) new_offer, (7) price, (8) product_code, (9) productID, (10) rating, and (11) save_product parameters. network low complexity webasyst-llc CWE-89	7.5
2010-04-16	CVE-2010-1462	Path Traversal vulnerability in Webasyst LLC Shop-Script Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter. network low complexity webasyst-llc CWE-22 critical	10.0
2007-04-03	CVE-2007-1855	Remote Security vulnerability in Shop-Script Multiple PHP remote file inclusion vulnerabilities in smarty/smarty_class.php in Shop-Script FREE allow remote attackers to execute arbitrary PHP code via a URL in the (1) _smarty_compile_path, (2) smarty_compile_path, (3) get_plugin_filepath, (4) smarty_dir, and (5) filename parameters. network low complexity webasyst-llc	7.5
2006-10-27	CVE-2006-5566	HTTP Response Splitting vulnerability in Shop-Script CRLF injection vulnerability in premium/index.php in Shop-Script allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the (1) links_exchange, (2) news, (3) search_with_change_category_ability, (4) logging, (5) feedback, (6) show_price, (7) register, (8) answer, (9) productID, and (10) inside parameters. network low complexity webasyst-llc	5.0

Vulnerabilities > Webasyst LLC {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Webasyst LLC"}]}

Vulnerabilities > Webasyst LLC