Bigware » Bigware Shop : Security Vulnerabilities, CVEs,
SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action.
Max CVSS
7.5
EPSS Score
0.25%
Published
2012-10-08
Updated
2012-10-24
SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2008-01-30
Updated
2017-09-29
2 vulnerabilities found