cpe:/a:mytipper:zogo_shop:1.15.5 cpe:/a:mytipper:zogo_shop:1.16:beta13 CVE-2008-2447 2008-05-27T10:32:00.000-04:00 2017-09-28T21:31:10.367-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-05-27T12:22:00.000-04:00 ALLOWS_OTHER_ACCESS BID 29185 SECUNIA 30232 EXPLOIT-DB 5605 XF zogoshop-products-sql-injection(42384) SQL injection vulnerability in products.php in the Mytipper ZoGo-shop plugin 1.15.5 and 1.16 Beta 13 for e107 allows remote attackers to execute arbitrary SQL commands via the cat parameter.