RSS   Vulnerabilities for 'Clickcartpro'   RSS

2005-12-16
 
CVE-2005-4293

 

 
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.

 
2002-12-31
 
CVE-2002-2310

 

 
ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.

 


Copyright 2024, cxsecurity.com

 

Back to Top