Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Cart32 Security Vulnerabilities

cve
cve

CVE-2007-5253

c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might.....

7AI Score

0.008EPSS

2007-10-06 05:17 PM
27
cve
cve

CVE-2004-0675

Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds...

6.4AI Score

0.007EPSS

2004-08-06 04:00 AM
23
cve
cve

CVE-2000-0430

Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL...

7.2AI Score

0.02EPSS

2000-05-03 04:00 AM
23
cve
cve

CVE-2000-0429

A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary...

7.7AI Score

0.022EPSS

2000-04-27 04:00 AM
25
cve
cve

CVE-2000-0136

The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form...

7.1AI Score

0.036EPSS

2000-02-01 05:00 AM
25