Multiple cross-site scripting (XSS) vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) promocja, (2) wysw, or (3) id_produc parameters.
Max CVSS
2.6
EPSS Score
0.59%
Published
2006-06-27
Updated
2017-07-20
Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters.
Max CVSS
7.5
EPSS Score
0.57%
Published
2006-06-27
Updated
2017-07-20
2 vulnerabilities found