Show filters
23 Total Results
Displaying 11-20 of 23
Sort by:
Attacker Value
Unknown

CVE-2010-1876

Disclosure Date: May 12, 2010 (last updated October 04, 2023)
SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.
0
0
Attacker Value
Unknown

CVE-2008-6969

Disclosure Date: August 13, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in checkout.php in Avactis Shopping Cart 1.8.0 and 1.8.1 allow remote attackers to inject arbitrary web script or HTML via the (1) step_id and (2) CHECKOUT_CZ_BLOWFISH_KEY parameters.
0
0
Attacker Value
Unknown

CVE-2008-1921

Disclosure Date: April 23, 2008 (last updated October 04, 2023)
SQL injection vulnerability in store_pages/category_list.php in 5th Avenue Shopping Cart 1.2 trial edition allows remote attackers to execute arbitrary SQL commands via the category_ID parameter.
0
0
Attacker Value
Unknown

CVE-2008-1076

Disclosure Date: February 29, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in search.php in Interspire Shopping Cart 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
0
0
Attacker Value
Unknown

CVE-2006-6868

Disclosure Date: December 31, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2006-3800

Disclosure Date: July 24, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the "new review" text box.
0
0
Attacker Value
Unknown

CVE-2005-2476

Disclosure Date: August 05, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
0
0
Attacker Value
Unknown

CVE-2005-2477

Disclosure Date: August 05, 2005 (last updated February 22, 2025)
shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability.
0
0
Attacker Value
Unknown

CVE-2005-0537

Disclosure Date: February 21, 2005 (last updated February 22, 2025)
Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) Shop 1.2 may allow remote attackers to execute arbitrary SQL statements via the (1) cats, (2) l_price, or (3) u_price parameters.
0
0
Attacker Value
Unknown

CVE-2002-0553

Disclosure Date: July 03, 2002 (last updated February 22, 2025)
Cross-site scripting vulnerability in SunShop 2.5 and earlier allows remote attackers to gain administrative privileges to SunShop by injecting the script into fields during new customer registration.
0
0
View More Topics  < Previous  Next >