Every CVE whose affected-product data names Freewebshop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2007-6711 — CVSS 10.0 (critical): Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, 2.2.6 and 2.2.7WIP1/2 allows remote attackers to gain administrator…
CVE-2006-5772 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and earlier allow remote attackers to execute arbitrary SQL…
CVE-2007-0531 — CVSS 7.5 (high): PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 before 20070123 allows remote attackers to…
CVE-2007-6466 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1)…
CVE-2009-2338 — CVSS 6.8 (medium): Directory traversal vulnerability in includes/startmodules.inc.php in FreeWebshop.org 2.2.9 R2, when register_globals is enabled, allows…
CVE-2006-5846 — CVSS 6.4 (medium): Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files…
CVE-2006-5847 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary web…
CVE-2006-6941 — CVSS 5.0 (medium): index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to obtain sensitive information via an invalid action parameter in an…
CVE-2011-5147 — CVSS 5.0 (medium): Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and…
CVE-2006-5773 — CVSS 5.0 (medium): Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and…