| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-3770 | 6.8 |
Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) includes/events_application_t
|
11-10-2018 - 20:49 | 22-08-2008 - 16:41 | |
| CVE-2008-3841 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway eCommerce 1.4.1.171 allows remote attackers to inject arbitrary web script or HTML via the search_link parameter.
|
11-10-2018 - 20:49 | 27-08-2008 - 20:41 | |
| CVE-2008-3769 | 6.8 |
PHP remote file inclusion vulnerability in admin/create_order_new.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the include_page parameter.
|
11-10-2018 - 20:49 | 22-08-2008 - 16:41 | |
| CVE-2008-3678 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway before 1.4.2.197 allows remote attackers to inject arbitrary web script or HTML via the URL.
|
08-08-2017 - 01:32 | 14-08-2008 - 19:41 | |
| CVE-2008-3677 | 6.8 |
Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors. Additional sources found during analysis:
http://xfo
|
08-08-2017 - 01:32 | 14-08-2008 - 19:41 |