Shodan
Vulnerabilities
Vulnerable Software
Picturespro:  >> Picturespro Photo Cart  >> 3.9  Security Vulnerabilities
CVE-2008-3786
Cross-site scripting (XSS) vulnerability in index.php in PICTURESPRO Photo Cart 3.9 allows remote attackers to inject arbitrary web script or HTML via the qtitle parameter (aka "Gallery or event name" field) in a search action.
CVSS Score
4.3
EPSS Score
0.002
Published
2008-08-26
CVE-2008-3788
Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php.
CVSS Score
6.8
EPSS Score
0.002
Published
2008-08-26
CVE-2006-6093
Multiple PHP remote file inclusion vulnerabilities in adminprint.php in PicturesPro Photo Cart 3.9 allow remote attackers to execute arbitrary PHP code via a URL in the (1) admin_folder and (2) path parameters.
CVSS Score
7.5
EPSS Score
0.06
Published
2006-11-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved