5 matches found
CVE-2020-9009
The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...
CVE-2020-9009
creationtimestamp| type| source ---|---|--- 2023-04-12 00:23:32+00:00| seen| https://t.me/cibsecurity/61920 2025-02-14 10:03:11+00:00| seen| Telegram/nyLzwblHCO932T9p6FCg6Rsxk8pYReEKjVH7Lmsnc3t-ms...
CVE-2020-9009
The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...
CVE-2020-9009
The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...
CVE-2020-9009
The CVE-2020-9009 issue affects the ShipStation.com plugin for CS-Cart, version 1.1 and earlier. Affected component: the unchecked web endpoint at action=shipnotify, which allows remote attackers to insert arbitrary data into the database. Root cause: access to the endpoint is completely unchecke...