51 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2007-5233

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.1062
Exploits: 0 | References: 10

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2000-0429

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.03624
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2000-0135

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.03149
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2000-0428

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.05383
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2004-0674

Malware in sbrugna...

CVSS 6.8 | AI score 6.4 | EPSS 0.04081
Exploits: 1 | References: 5

seebug.org
added 2014/07/01 12:0 a.m., 53 views

McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1932/info Cart32 is a shopping cart application for e-commerce enabled sites. Cart32 contains a vulnerability which reveals server information. Requesting a specially crafted URL, by way of the CGI application, will reve...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 28 views

McMurtrey/Whitaker & Associates Cart32 2-5 GetLatestBuilds Script Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10617/info Cart32 is reported prone to a cross-site scripting vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. A remote attacker can exploit this issue by creating a...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 37 views

McMurtrey/Whitaker & Associates Cart32 2.6/3.0 - Remote Administration Password Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1153/info Within cart32.exe, entering any password by way of http://target/scripts/cart32.exe/cart32clientlist, a remote user could obtain vital client information such as username, password, credit card numbers, and othe...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 21 views

Cart32 3.0 "expdate" Administrative Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1358/info By appending the string /expdate to a request for the cart32.exe executable, http://target/cgi-bin/cart32.exe/expdate an attacker can access an error message followed by a debugging page containing the server...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 12 views

Cart32 6.x GetImage Arbitrary File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25928/info Cart32 is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files within the...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 26 views

McMurtrey/Whitaker & Associates Cart32 3.0/3.1/3.5 DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1934/info Cart32 is a shopping cart application for e-commerce enabled sites. Cart32 is subject to a denial of service. When requesting a specially formed URL the application will cause the CPU utilization to spike to...

AI score 7.1
Exploits: 0

NVD
added 2007/10/06 5:17 p.m., 12 views

CVE-2007-5253

c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte %00 sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might b...

CVSS 5 | AI score 6.7 | EPSS 0.1062
Exploits: 0 | References: 9

Prion
added 2007/10/06 5:17 p.m., 12 views

Directory traversal

c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte %00 sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might b...

CVSS 5 | AI score 7 | EPSS 0.1062
Exploits: 0 | References: 9 | Affected Software: 1

CVE
added 2007/10/06 5:0 p.m., 48 views

CVE-2007-5253

Cart32 (shopping cart app) vulnerability CVE-2007-5253 affects the GetImage function in c32web.exe prior to Cart32 6.4. An attacker can read arbitrary files by supplying an ImageName parameter that appends a NULL byte then a file extension (e.g., ".txt%00.gif"), potentially enabling directory tra...

CVSS 5 | AI score 6.7 | EPSS 0.1062
Exploits: 0 | References: 9 | Affected Software: 1

Cvelist
added 2007/10/06 5:0 p.m., 15 views

CVE-2007-5253

c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte %00 sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might b...

AI score 6.7 | EPSS 0.1062
Exploits: 0 | References: 9

Packet Storm
added 2007/10/05 12:0 a.m., 66 views

cart32-download.txt

======================================================================== = Cart32 Arbitrary File Download Vulnerability = = Vendor Website: = http://www.cart32.com = = Affected Version: = -- All releases prior to and including v6.3 = = Public disclosure on Thursday 4th October 2007 =...

AI score 7.4
Exploits: 0

Tenable Nessus
added 2007/10/05 12:0 a.m., 101 views

Cart32 c32web.exe ImageName Traversal Arbitrary File Access

Cart32, a shopping cart application, is installed on the remote host. The remote installation of Cart32 fails to sufficiently validate input to the 'GetImage' function of 'c32web.exe' script before returning the contents of arbitrary files, not just image files as intended. An unauthenticated,...

CVSS 5 | AI score 5.8 | EPSS 0.1062
Exploits: 0 | References: 2

exploitpack
added 2007/10/04 12:0 a.m., 10 views

Cart32 6.x - GetImage Arbitrary File Download

Cart32 6.x - GetImage Arbitrary File Download source: https://www.securityfocus.com/bid/25928/info Cart32 is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files...

Exploits: 0

Exploit DB
added 2007/10/04 12:0 a.m., 31 views

Cart32 6.x - GetImage Arbitrary File Download

source: https://www.securityfocus.com/bid/25928/info Cart32 is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files within the context of the webserver process...

AI score 7.4
Exploits: 0

securityvulns
added 2007/10/04 12:0 a.m., 80 views

Cart32 Arbitrary File Download Vulnerability

======================================================================== = Cart32 Arbitrary File Download Vulnerability = = Vendor Website: = http://www.cart32.com = = Affected Version: = -- All releases prior to and including v6.3 = = Public disclosure on Thursday 4th October 2007 =...

AI score 0.4
Exploits: 0