Known Vulnerabilities for products from Cosmoshop
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Cosmoshop".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2015-2103 json | Cross-site scripting (XSS) vulnerability in the admin-login panel (admin/index.cgi) in Cosmoshop allows remote attackers to i... | Not Provided | 2015-02-27 | 2026-05-06 |
| CVE-2006-2475 json | Directory traversal vulnerability in (1) edit_mailtexte.cgi and (2) bestmail.cgi in Cosmoshop 8.11.106 and earlier allows rem... | 7.8 - HIGH | 2006-05-19 | 2018-10-18 |
| CVE-2006-2474 json | SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and earlier allows remote attackers to execute arbitrary SQL c... | 7.5 - HIGH | 2006-05-19 | 2018-10-18 |
| CVE-2005-2786 json | Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8.10.78 and earlier allows remote administrators to read ... | Not Provided | 2005-09-02 | 2025-04-03 |
| CVE-2005-2785 json | cosmoshop 8.10.78 and earlier stores passwords in plaintext in the database, which allows local users to obtain sensitive inf... | Not Provided | 2005-09-02 | 2025-04-03 |
| CVE-2005-2784 json | SQL injection vulnerability in the login function for the administration login panel in cosmoshop 8.10.78 allows remote attac... | Not Provided | 2005-09-02 | 2025-04-03 |
Known software with vulnerabilities from Cosmoshop
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Cosmoshop | Cosmoshop | - |