Lucene search
K

34 matches found

NVD
NVD
added 2005/05/11 4:0 a.m.15 views

CVE-2005-1487

Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 cartid parameter to upstnt.php or 2 psku parameter to display.php. NOTE: the vendor disputes this report, saying that they are forced SQL errors. The original researcher is...

7.5CVSS8.4AI score0.03454EPSS
Exploits1References8
Cvelist
Cvelist
added 2005/05/11 4:0 a.m.23 views

CVE-2005-1487

Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 cartid parameter to upstnt.php or 2 psku parameter to display.php. NOTE: the vendor disputes this report, saying that they are forced SQL errors. The original researcher is...

8.4AI score0.03454EPSS
Exploits1References8
CVE
CVE
added 2005/05/11 4:0 a.m.44 views

CVE-2005-1486

FishCart 3.1 is affected by multiple vulnerabilities. The primary CVE (CVE-2005-1486) describes cross-site scripting via the following parameters: trackingnum, reqagree, or m in upstracking.php, and nlst in display.php. OpenVAS data also indicates SQL injection vulnerabilities in FishCart that co...

5CVSS6.2AI score0.03639EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2005/05/11 4:0 a.m.18 views

CVE-2005-1486

Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 trackingnum, 2 reqagree, or 3 m parameter to upstracking.php or 4 nlst parameter to display.php. NOTE: the vendor was not able to reproduce some of the reported...

5CVSS6.2AI score0.03639EPSS
Exploits1References9
Cvelist
Cvelist
added 2005/05/11 4:0 a.m.19 views

CVE-2005-1486

Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 trackingnum, 2 reqagree, or 3 m parameter to upstracking.php or 4 nlst parameter to display.php. NOTE: the vendor was not able to reproduce some of the reported...

6.1AI score0.03639EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2005/05/11 12:0 a.m.6 views

PT-2005-2483 · Fishcart · Fishcart

Name of the Vulnerable Software and Affected Versions: FishCart version 3.1 Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the cartid parameter to 'upstnt.php' or the psku parameter to 'display.php'. The vendor disputes this report,...

7.5CVSS8.2AI score0.03454EPSS
Exploits1References12
exploitpack
exploitpack
added 2005/05/04 12:0 a.m.10 views

FishCart 3.1 - upstnt.php?cartid SQL Injection

FishCart 3.1 - upstnt.php?cartid SQL Injection source: https://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injectio...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2005/05/04 12:0 a.m.43 views

[SA15232] FishCart Cross-Site Scripting and SQL Injection Vulnerabilities

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: FishCart Cross-Site Scripting and SQL Injection...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/04 12:0 a.m.85 views

FishCart 3.1 - 'upstnt.php?cartid' SQL Injection

source: https://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injection issues could allow an attacker to compromise...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/04 12:0 a.m.62 views

FishCart 3.1 - 'display.php?psku' SQL Injection

source: https://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injection issues could allow an attacker to compromise...

7AI score
Exploits0
NVD
NVD
added 2004/02/17 5:0 a.m.18 views

CVE-2004-0062

Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity...

7.5CVSS6.9AI score0.01317EPSS
Exploits0References2
securityvulns
securityvulns
added 2004/01/16 12:0 a.m.43 views

FishCart Integer Overflow / Rounding Error

FishCartR is a popular full-featured multi-language open source e-commerce system. It is written in PHP4 and works with a variety of database engines. It has been in production for 6 years and is in active use in a number of countries. FishCart has developers in the US and western Europe. On 8...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2004/01/15 5:0 a.m.17 views

CVE-2004-0062

Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity...

6.9AI score0.01317EPSS
Exploits0References2
CVE
CVE
added 2004/01/15 5:0 a.m.44 views

CVE-2004-0062

The CVE-2004-0062 entry concerns FishCart prior to 3.1, where an integer overflow in the rnd arithmetic rounding function can be triggered by an order with a large quantity, enabling remote attackers to cause negative totals. Affected software: FishCart (versions before 3.1). Root cause: integer ...

7.5CVSS7.3AI score0.01317EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder