Every CVE whose affected-product data names Openfreeway Freeway, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2008-6013 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 allow remote attackers to execute arbitrary SQL commands via unspecified…
CVE-2010-2925 — CVSS 7.5 (high): SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote attackers to execute arbitrary SQL commands via the ecPath…
CVE-2008-3769 — CVSS 6.8 (medium): PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote…
CVE-2008-3770 — CVSS 6.8 (medium): Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote attackers to include and…
CVE-2008-3677 — CVSS 6.8 (medium): Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and…
CVE-2011-3739 — CVSS 5.0 (medium): Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the…
CVE-2008-3841 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway eCommerce 1.4.1.171 allows remote attackers to inject…