| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-3770 | 6.8 |
Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) includes/events_application_t
|
11-10-2018 - 20:49 | 22-08-2008 - 16:41 | |
| CVE-2008-3841 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway eCommerce 1.4.1.171 allows remote attackers to inject arbitrary web script or HTML via the search_link parameter.
|
11-10-2018 - 20:49 | 27-08-2008 - 20:41 | |
| CVE-2008-3769 | 6.8 |
PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the include_page parameter.
|
11-10-2018 - 20:49 | 22-08-2008 - 16:41 | |
| CVE-2008-6013 | 7.5 |
Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 allow remote attackers to execute arbitrary SQL commands via unspecified vectors involving the (1) advanced search result and (2) service resource pages.
|
08-08-2017 - 01:33 | 30-01-2009 - 18:30 |