RSS   Vulnerabilities for 'Ishopcart'   RSS

2006-06-05
 
CVE-2006-2814

CWE-Other
 

 
Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact via a large amount of posted data.

 
 
CVE-2006-2813

CWE-Other
 

 
Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.

 


Copyright 2024, cxsecurity.com

 

Back to Top