Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote cart remote cart vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5962
Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow remote malicious users to execute arbitrary SQL commands via the (1) Username and (2) Password fields in the (a) login screen, and (3) searchstring parameter in (b) insearch_list.asp.
Hpecs Shopping Cart Hpecs Shopping Cart
1 EDB exploit
NA
CVE-2006-4215
PHP remote file inclusion vulnerability in index.php in Zen Cart 1.3.0.2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the autoLoadConfig[999][0][loadFile] parameter.
Zen Cart Zen Cart
1 EDB exploit
NA
CVE-2010-1541
Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) category and (2) list_quantity parameters to index.php, and the (3) category parameter to your.order...
Dragonfrugal Dfd Cart 1.192
Dragonfrugal Dfd Cart 1.194
Dragonfrugal Dfd Cart 1.193
Dragonfrugal Dfd Cart 1.195
Dragonfrugal Dfd Cart 1.196
Dragonfrugal Dfd Cart 1.197
Dragonfrugal Dfd Cart
Dragonfrugal Dfd Cart 1.1.4
Dragonfrugal Dfd Cart 1.1.5
Dragonfrugal Dfd Cart 1.1.6
Dragonfrugal Dfd Cart 1.1.7
Dragonfrugal Dfd Cart 1.1.8
NA
CVE-2010-1542
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks or (2) ch...
Dragonfrugal Dfd Cart 1.1.8
Dragonfrugal Dfd Cart 1.193
Dragonfrugal Dfd Cart
Dragonfrugal Dfd Cart 1.1.4
Dragonfrugal Dfd Cart 1.1.5
Dragonfrugal Dfd Cart 1.1.6
Dragonfrugal Dfd Cart 1.1.7
Dragonfrugal Dfd Cart 1.192
Dragonfrugal Dfd Cart 1.194
Dragonfrugal Dfd Cart 1.195
Dragonfrugal Dfd Cart 1.196
Dragonfrugal Dfd Cart 1.197
8.8
CVSSv3
CVE-2017-2138
Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and previous versions (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and previous versions (excluding v2 and v3) allows remote malicious users to hijack the authentication of ...
Cs-cart Cs-cart Multivendor
Cs-cart Cs-cart
NA
CVE-2004-2023
SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote malicious users to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.
Zen Cart Zen Cart 1.1.2d
Zen Cart Zen Cart 1.1.4
NA
CVE-2009-4321
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote malicious users to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
Zen-cart Zen Cart 1.3.8a
Zen-cart Zen Cart 1.3.8
NA
CVE-2008-6878
Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and previous versions, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] par...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
NA
CVE-2008-6877
Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes ...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
NA
CVE-2004-0241
X-Cart 3.4.3 allows remote malicious users to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.
Qualiteam X-cart 3.2.0
Qualiteam X-cart 3.2.1
Qualiteam X-cart 3.4.11
Qualiteam X-cart 3.4.3
Qualiteam X-cart 3.3.0
Qualiteam X-cart 3.3.2
Qualiteam X-cart 3.4.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »