Lucene search
K

38 matches found

CVE
CVE
added yesterday10 views

CVE-2026-14637

CVE-2026-14637 affects kirilkirkov Ecommerce-CodeIgniter-Bootstrap, specifically the getCartItems function in application/libraries/ShoppingCart.php. Input manipulation of the shopping_cart parameter leads to deserialization, enabling remote exploitation as described. The patch identifier is 49b2...

8.8CVSS6.6AI score
Exploits0References7
EUVD
EUVD
added yesterday6 views

EUVD-2026-41684

A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The manipulation of the argument shoppingcart leads to...

8.8CVSS6.6AI score
Exploits0References7
EUVD
EUVD
added 2026/04/15 3:31 p.m.4 views

EUVD-2024-55543

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

8.4CVSS6.6AI score0.00558EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/15 3:31 p.m.12 views

NietThijmen ShoppingCart: Command injection in the connect function

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

8.4CVSS6.6AI score0.00558EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/15 3:31 p.m.5 views

GHSA-GGMW-MJHV-75RM NietThijmen ShoppingCart: Command injection in the connect function

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

8.4CVSS6.6AI score0.00558EPSS
Exploits0References4
NVD
NVD
added 2026/04/15 3:16 p.m.4 views

CVE-2024-53412

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

8.4CVSS0.00558EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.9 views

PT-2026-33062

Name of the Vulnerable Software and Affected Versions NietThijmen ShoppingCart version 0.0.2 Description Command injection in the connect function allows an attacker to execute arbitrary shell commands and achieve remote code execution by injecting malicious payloads into the Port field...

8.4CVSS6.8AI score0.00558EPSS
Exploits0References9
CVE
CVE
added 2026/04/15 12:0 a.m.7 views

CVE-2024-53412

CVE-2024-53412 describes a command injection in the i/o of NietThijmen ShoppingCart 0.0.2, specifically in the connect function where user-supplied input in the Port field enables arbitrary shell commands and potential remote code execution. The public documentation identifies the vulnerability a...

8.4CVSS6.6AI score0.00558EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/15 12:0 a.m.3 views

CVE-2024-53412

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

8.4CVSS6.6AI score0.00558EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/15 12:0 a.m.22 views

CVE-2024-53412

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...

0.00558EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:43 p.m.6 views

CVE-2005-1594

SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.8AI score0.01403EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-1597

Malware in sbrugna...

7.5CVSS6.4AI score0.01403EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-1598

Malware in sbrugna...

5CVSS6.4AI score0.01805EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-1596

Malware in sbrugna...

6.8CVSS6.4AI score0.04228EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 5:29 a.m.6 views

CVE-2012-2631

Cross-site scripting XSS vulnerability in WEBLOGIC @WEB ShoppingCart before 1.5.2.0, and @WEB ShoppingCart T 1.5.0.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:13 p.m.10 views

CVE-2005-1595

CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to obtain sensitive information via a direct request...

5CVSS6.5AI score0.01805EPSS
Exploits1References1
0day.today
0day.today
added 2022/10/04 12:0 a.m.285 views

Joomla MarvikShop ShoppingCart 3.4 SQL Injection Vulnerability

┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website :...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/03 12:0 a.m.191 views

Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

0.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/05/07 2:5 p.m.8 views

softbizscripts.com XSS vulnerability

Open Bug Bounty ID: OBB-613432 Description| Value ---|--- Affected Website:| softbizscripts.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
CNVD
CNVD
added 2017/08/22 12:0 a.m.2 views

PHPMyWind shoppingcart.php file cross-site scripting vulnerability

PHPMyWind is a set of PHP and MySQL-based, W3C-compliant enterprise website building solutions. A cross-site scripting vulnerability exists in the PHPMyWind shoppingcart.php file, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used...

6.1CVSS5.9AI score0.01853EPSS
Exploits4References1
Rows per page
Query Builder