CVE-2008-2447

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
27/05/2008
Last modified:
09/04/2025

Description

SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:mytipper:zogo_shop:1.15.5:*:*:*:*:*:*:*
cpe:2.3:a:mytipper:zogo_shop:1.16:beta13:*:*:*:*:*:*