Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-cart vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-2948
A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote malicious users to obtain username and password information.
Alan Ward A-cart
7.5
CVSSv2
CVE-2006-6111
Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) productid parameter in product.asp or (2) search parameter in search.asp. NOTE: the category.asp vector is already covered by CVE-2004-187...
Alan Ward A-cart 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2004-1873
SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote malicious users to gain privileges via the catcode parameter.
Alan Ward A-cart 2.0
2 EDB exploits
4.3
CVSSv2
CVE-2004-1874
Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp and (2) billing.asp in A-CART Pro and A-CART 2.0 allow remote malicious users to inject arbitrary web script or HTML via the user information forms.
Alan Ward A-cart 2.0
5
CVSSv2
CVE-2002-1432
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote malicious users to steal sensitive information by directly requesting the database.
Coxco Support Salescart-pro
Coxco Support Salescart-std
Coxco Support Metacart 2.sql
Coxco Support Midicart Asp Maxi
Coxco Support A-cart 2.0
Coxco Support Midicart Asp
Coxco Support Midicart Asp Plus
1 EDB exploit
10
CVSSv2
CVE-2013-2060
The download_from_url function in OpenShift Origin allows remote malicious users to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
Redhat Openshift 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started