Show filters
136 Total Results
Displaying 81-90 of 136
Sort by:
Attacker Value
Unknown

CVE-2007-2548

Disclosure Date: May 09, 2007 (last updated October 04, 2023)
Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impact and an l remote attack vector, related to "Cookie Manipulation."
0
0
Attacker Value
Unknown

CVE-2007-2547

Disclosure Date: May 09, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter.
0
0
Attacker Value
Unknown

CVE-2007-2549

Disclosure Date: May 09, 2007 (last updated October 04, 2023)
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) c or (2) quantity parameter.
0
0
Attacker Value
Unknown

CVE-2007-2474

Disclosure Date: May 02, 2007 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pro.php, (2) global.php, or (3) libsecure.php, different vectors than CVE-2007-2070.
0
0
Attacker Value
Unknown

CVE-2007-2070

Disclosure Date: April 18, 2007 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before 3.5.1 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php or (2) checkout.php.
0
0
Attacker Value
Unknown

CVE-2007-0142

Disclosure Date: January 09, 2007 (last updated October 04, 2023)
SQL injection vulnerability in orange.asp in ShopStoreNow E-commerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
0
0
Attacker Value
Unknown

CVE-2006-6868

Disclosure Date: December 31, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2006-6691

Disclosure Date: December 21, 2006 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in Valdersoft Shopping Cart 3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the commonIncludePath parameter to (1) admin/include/common.php, (2) include/common.php, or (3) common_include/common.php.
0
0
Attacker Value
Unknown

CVE-2006-6463

Disclosure Date: December 11, 2006 (last updated October 04, 2023)
Unrestricted file upload vulnerability in admin/add.php in Midicart allows remote authenticated users to upload arbitrary .php files, and possibly other files, to the images/ directory under the web root.
0
0
Attacker Value
Unknown

CVE-2006-6464

Disclosure Date: December 11, 2006 (last updated October 04, 2023)
viewcart in Midicart accepts negative numbers in the Qty (quantity) field, which allows remote attackers to obtain a smaller total price for a shopping cart.
0
0
View More Topics  < Previous  Next >