38 matches found
CVE-2026-14637
CVE-2026-14637 affects kirilkirkov Ecommerce-CodeIgniter-Bootstrap, specifically the getCartItems function in application/libraries/ShoppingCart.php. Input manipulation of the shopping_cart parameter leads to deserialization, enabling remote exploitation as described. The patch identifier is 49b2...
EUVD-2026-41684
A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The manipulation of the argument shoppingcart leads to...
EUVD-2024-55543
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...
NietThijmen ShoppingCart: Command injection in the connect function
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...
GHSA-GGMW-MJHV-75RM NietThijmen ShoppingCart: Command injection in the connect function
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...
CVE-2024-53412
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...
PT-2026-33062
Name of the Vulnerable Software and Affected Versions NietThijmen ShoppingCart version 0.0.2 Description Command injection in the connect function allows an attacker to execute arbitrary shell commands and achieve remote code execution by injecting malicious payloads into the Port field...
CVE-2024-53412
CVE-2024-53412 describes a command injection in the i/o of NietThijmen ShoppingCart 0.0.2, specifically in the connect function where user-supplied input in the Port field enables arbitrary shell commands and potential remote code execution. The public documentation identifies the vulnerability a...
CVE-2024-53412
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...
CVE-2024-53412
Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field...
CVE-2005-1594
SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...
EUVD-2005-1597
Malware in sbrugna...
EUVD-2005-1598
Malware in sbrugna...
EUVD-2005-1596
Malware in sbrugna...
CVE-2012-2631
Cross-site scripting XSS vulnerability in WEBLOGIC @WEB ShoppingCart before 1.5.2.0, and @WEB ShoppingCart T 1.5.0.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2005-1595
CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to obtain sensitive information via a direct request...
Joomla MarvikShop ShoppingCart 3.4 SQL Injection Vulnerability
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploits ┌┘ └───────────────────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : │ Website :...
Joomla MarvikShop ShoppingCart 3.4 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
softbizscripts.com XSS vulnerability
Open Bug Bounty ID: OBB-613432 Description| Value ---|--- Affected Website:| softbizscripts.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
PHPMyWind shoppingcart.php file cross-site scripting vulnerability
PHPMyWind is a set of PHP and MySQL-based, W3C-compliant enterprise website building solutions. A cross-site scripting vulnerability exists in the PHPMyWind shoppingcart.php file, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used...