Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
turnkey web tools sunshop shopping cart vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2070
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart prior to 3.5.1 allow remote malicious users to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php or (2) checkout.php.
Turnkey Web Tools Sunshop Shopping Cart 3.5
Turnkey Web Tools Sunshop Shopping Cart
1 EDB exploit
NA
CVE-2007-2474
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote malicious users to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different...
Turnkey Web Tools Sunshop Shopping Cart
1 EDB exploit
NA
CVE-2007-2547
Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to inject arbitrary web script or HTML via the l parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
NA
CVE-2007-2548
Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impact and an l remote attack vector, related to "Cookie Manipulation."
Turnkey Web Tools Sunshop Shopping Cart 4.0
NA
CVE-2007-2549
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to execute arbitrary SQL commands via the (1) c or (2) quantity parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
NA
CVE-2007-4597
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote malicious users to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
NA
CVE-2008-2038
Multiple SQL injection vulnerabilities in admin/adminindex.php in Turnkey Web Tools SunShop Shopping Cart 4.1.0 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) orderby and (2) sort parameters. NOTE: the provenance of this information is unk...
Turnkey Solutions Sunshop Shopping Cart 4.1.0
NA
CVE-2005-4787
Turnkey Web Tools SunShop Shopping Cart allows remote malicious users to obtain sensitive information via a phpinfo action to (1) index.php, (2) admin/index.php, and (3) admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has disputed this issue, sayin...
Turnkey Solutions Sunshop Shopping Cart 3.0
NA
CVE-2008-3768
Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart prior to 4.1.5 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter in an edit_registry action to index.php, (2) a vector involving the check_ema...
Turnkeywebtools Sunshop Shopping Cart 4.0.0
Turnkeywebtools Sunshop Shopping Cart 4.0.6
Turnkeywebtools Sunshop Shopping Cart 4.1.0
Turnkeywebtools Sunshop Shopping Cart 4.1.3
Turnkeywebtools Sunshop Shopping Cart 4.0.3
Turnkeywebtools Sunshop Shopping Cart 4.1.2
Turnkeywebtools Sunshop Shopping Cart 4.0.1
Turnkeywebtools Sunshop Shopping Cart 4.0.7
Turnkeywebtools Sunshop Shopping Cart 4.0.5
Turnkeywebtools Sunshop Shopping Cart 4.0.8
Turnkeywebtools Sunshop Shopping Cart 4.0.2
Turnkeywebtools Sunshop Shopping Cart 4.1.1
Turnkeywebtools Sunshop Shopping Cart
Turnkeywebtools Sunshop Shopping Cart 4.0.9
Turnkeywebtools Sunshop Shopping Cart 4.0.4
1 EDB exploit
NA
CVE-2008-2339
SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.
Turnkeywebtools Sunshop Shopping Cart 3.5.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started