CVE Vulnerabilities

CVE-2006-2474

Published: May 19, 2006 | Modified: Oct 18, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and earlier allows remote attackers to execute arbitrary SQL commands via the artnum parameter.

Affected Software

Name Vendor Start Version End Version
Cosmoshop Cosmoshop * 8.11.106
Cosmoshop Cosmoshop 8.10.78 8.10.78

References