MidnightBSD

Advisories for marmaraweb

CVE-2005-4287 HIGH

PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
marmaraweb marmaraweb_e-commerce *
CVE-2005-4288 MEDIUM

Cross-site scripting (XSS) vulnerability in index.php in MarmaraWeb E-commerce allows remote attackers to inject arbitrary web script or HTML via the page parameter to index.php. NOTE: this might be resultant from CVE-2005-4287.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
marmaraweb marmaraweb_e-commerce *