Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
turnkey web tools sunshop shopping cart vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-2070
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart prior to 3.5.1 allow remote malicious users to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php or (2) checkout.php.
Turnkey Web Tools Sunshop Shopping Cart 3.5
Turnkey Web Tools Sunshop Shopping Cart
1 EDB exploit
7.5
CVSSv2
CVE-2007-2474
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote malicious users to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different...
Turnkey Web Tools Sunshop Shopping Cart
1 EDB exploit
7.5
CVSSv2
CVE-2007-4597
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote malicious users to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-2549
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to execute arbitrary SQL commands via the (1) c or (2) quantity parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-2547
Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to inject arbitrary web script or HTML via the l parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
6.4
CVSSv2
CVE-2007-2548
Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impact and an l remote attack vector, related to "Cookie Manipulation."
Turnkey Web Tools Sunshop Shopping Cart 4.0
6.5
CVSSv2
CVE-2008-2038
Multiple SQL injection vulnerabilities in admin/adminindex.php in Turnkey Web Tools SunShop Shopping Cart 4.1.0 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) orderby and (2) sort parameters. NOTE: the provenance of this information is unk...
Turnkey Solutions Sunshop Shopping Cart 4.1.0
5
CVSSv2
CVE-2005-4787
Turnkey Web Tools SunShop Shopping Cart allows remote malicious users to obtain sensitive information via a phpinfo action to (1) index.php, (2) admin/index.php, and (3) admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has disputed this issue, sayin...
Turnkey Solutions Sunshop Shopping Cart 3.0
7.5
CVSSv2
CVE-2008-3768
Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart prior to 4.1.5 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter in an edit_registry action to index.php, (2) a vector involving the check_ema...
Turnkeywebtools Sunshop Shopping Cart 4.0.5
Turnkeywebtools Sunshop Shopping Cart 4.0.6
Turnkeywebtools Sunshop Shopping Cart 4.1.3
Turnkeywebtools Sunshop Shopping Cart
Turnkeywebtools Sunshop Shopping Cart 4.0.1
Turnkeywebtools Sunshop Shopping Cart 4.0.2
Turnkeywebtools Sunshop Shopping Cart 4.0.9
Turnkeywebtools Sunshop Shopping Cart 4.1.0
Turnkeywebtools Sunshop Shopping Cart 4.0.0
Turnkeywebtools Sunshop Shopping Cart 4.0.7
Turnkeywebtools Sunshop Shopping Cart 4.0.8
Turnkeywebtools Sunshop Shopping Cart 4.0.3
Turnkeywebtools Sunshop Shopping Cart 4.0.4
Turnkeywebtools Sunshop Shopping Cart 4.1.1
Turnkeywebtools Sunshop Shopping Cart 4.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-2339
SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.
Turnkeywebtools Sunshop Shopping Cart 3.5.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started