Cosmoshop : Security Vulnerabilities, CVEs, Published In 2006
Directory traversal vulnerability in (1) edit_mailtexte.cgi and (2) bestmail.cgi in Cosmoshop 8.11.106 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file parameter.
Max CVSS
7.8
EPSS Score
0.37%
Published
2006-05-19
Updated
2018-10-18
SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and earlier allows remote attackers to execute arbitrary SQL commands via the artnum parameter.
Max CVSS
7.5
EPSS Score
0.78%
Published
2006-05-19
Updated
2018-10-18
2 vulnerabilities found