Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cs-cart cs-cart 1.1 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-6394
SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.
Cs-cart Cs-cart 1.3.2
Cs-cart Cs-cart 1.3.3
Cs-cart Cs-cart 1.2
Cs-cart Cs-cart 1.1
Cs-cart Cs-cart 1.3.0
Cs-cart Cs-cart
1 EDB exploit
655
VMScore
CVE-2009-2579
SQL injection vulnerability in reward_points.post.php in the Reward points addon in CS-Cart prior to 2.0.6 allows remote authenticated users to execute arbitrary SQL commands via the sort_order parameter in a reward_points.userlog action to index.php, a different vulnerability th...
Cs-cart Cs-cart 1.3.2
Cs-cart Cs-cart 2.0
Cs-cart Cs-cart 1.2
Cs-cart Cs-cart 1.1
Cs-cart Cs-cart 2.0.4
Cs-cart Cs-cart 1.3.5
Cs-cart Cs-cart 1.3.0
Cs-cart Cs-cart 1.3.3
Cs-cart Cs-cart
Cs-cart Cs-cart 1.3.5sp3
Cs-cart Cs-cart 1.3.5sp2
1 EDB exploit
NA
CVE-2020-9009
The ShipStation.com plugin 1.1 and previous versions for CS-Cart allows remote malicious users to insert arbitrary information into the database (via action=shipnotify) because access to this endpoint is completely unchecked. The attacker must guess an order number.
Shipstation Shipstation
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started