Back to search
CVE-2007-6466
Published: Dec 20, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action. NOTE: it was later reported that MOG - Web Shop (MOG-WebShop), a product based on the same code, is also affected.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3468
third-party-advisory
x_refsource_SREASON
4740
exploit
x_refsource_EXPLOIT-DB
http://newhack.org/advisories/FreeWebShop-2.2.1.txt
x_refsource_MISC
26886
vdb-entry
x_refsource_BID
4739
exploit
x_refsource_EXPLOIT-DB
mogwebshop-index-sql-injection(39143)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now