PT-2005-3665 · Cosmoshop · Cosmoshop

L0Om

·

Published

2005-09-02

·

Updated

2017-07-11

·

CVE-2005-2784

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions cosmoshop version 8.10.78
Description The issue allows remote attackers to execute arbitrary SQL commands and bypass authentication.
Recommendations For cosmoshop version 8.10.78, update to a version that fixes the SQL injection vulnerability in the login function.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2784

Affected Products

Cosmoshop