CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Webasyst: >> Shop-Script >> 5.2.2.30933 Security Vulnerabilities

CVE-2014-8377

Cross-site scripting (XSS) vulnerability in Webasyst Shop-Script 5.2.2.30933 allows remote attackers to inject arbitrary web script or HTML via the phone number field in a new contact to phpecom/index.php/webasyst/contacts/.

CVSS Score

4.3

EPSS Score

0.002

Published

2014-10-21

CVE-2010-4859

SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blog_id parameter in a news action.

CVSS Score

7.5

EPSS Score

0.003

Published

2011-10-05

Page 1

Vulnerabilities

Vulnerable Software

Webasyst: >> Shop-Script >> 5.2.2.30933 Security Vulnerabilities

Products

Pricing

Contact Us