2 matches found
Directory traversal
Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart aka The Professional WordPress eCommerce Plugin plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. dot dot in the tcpboxpath parameter in the checkouteditorsettings page to...
WordPress Plugin TheCartPress Local PHP File Inclusion Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A local PHP file inclusion vulnerability exists in the WordPress plugin TheCartPress. Due to input passed to the...