Comdev Ecommerce

comdev_ecommerce

Vendor: Comdev • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-3081 1Comdev 1Comdev Ecommerce Apr 23, 2026 Jun 6, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP remote file inclusion vulnerability in sampleecommerce.php in Comdev eCommerce 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter.
CVE-2005-2544 1Comdev 1Comdev Ecommerce Apr 16, 2026 Aug 10, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter.
CVE-2005-2543 1Comdev 1Comdev Ecommerce Apr 16, 2026 Aug 10, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter.
CVE-2005-2138 1Comdev 1Comdev Ecommerce Apr 16, 2026 Jul 5, 2005 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review messa...Show more Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message.Show less