CVE-2007-4932
Shop-script < 2.0 - Improper Input Validation
Title source: ruleDescription
admin.php in Shop-Script FREE 2.0 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to access the admin panel.
Exploits (1)
References (5)
Scores
EPSS
0.0496
EPSS Percentile
89.7%
Details
CWE
CWE-20
Status
published
Products (1)
shop-script/shop-script
< 2.0
Published
Sep 18, 2007
Tracked Since
Feb 18, 2026