Watersweb Shops Shop Kit Plus — known CVE vulnerabilities
Every CVE whose affected-product data names Watersweb Shops Shop Kit Plus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2007-1127 — CVSS 6.4 (medium): Directory traversal vulnerability in enc/stylecss.php in shopkitplus allows remote attackers to read arbitrary files via a .. (dot dot) in…
CVE-2007-1128 — CVSS 5.0 (medium): shopkitplus allows remote attackers to obtain sensitive information via a request to (1) events.php with a curmonth[]=01 query string or…