RSS   Vulnerabilities for 'Shoppingcart'   RSS

2005-05-16
 
CVE-2005-1595

 

 
CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to obtain sensitive information via a direct request.

 
 
CVE-2005-1594

 

 
SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

 
 
CVE-2005-1593

 

 
Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top