Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-2945

Malware in sbrugna...

5CVSS6.4AI score0.01532EPSS
Exploits0References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

A-CART 2.0 category.asp catcode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21166/info A-Cart is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

Alan Ward A-Cart 2.0 category.asp catcode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/9997/info Reportedly A-Cart is prone to multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied input prior to its use in SQL queries and generati...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/09/21 12:0 a.m.24 views

A-Cart 2.0 SQL Injection

Exploit Title: A-CART 2.0 SQL Injection Vulnerability Author: J.O Contact: [email protected] Website: http://www.m-h-a.org From : Morocco ---------------------------------------- A-CART 2.0 SQL Injection Vulnerability Vendor: http://www.alanward.net/acart/ Demo :...

Exploits0
securityvulns
securityvulns
added 2006/11/20 12:0 a.m.26 views

A-Cart 2.0 SQL Injection

Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory: http://www.aria-security.com/forum/showthread.php?t=31 ----------------------------------------------------------- Software: A-Cart 2.0 Vendor: http://alanward.net/acart/ Method: SQL...

2.2AI score
Exploits0
Prion
Prion
added 2006/06/12 8:6 p.m.12 views

Improper access control

A-CART 2.0 stores the acart20.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information...

5CVSS7.5AI score0.01532EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2006/06/12 8:6 p.m.12 views

CVE-2006-2948

A-CART 2.0 stores the acart20.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information...

5CVSS6.8AI score0.01532EPSS
Exploits0References6
CVE
CVE
added 2006/06/12 8:0 p.m.68 views

CVE-2006-2948

Technical details about CVE-2006-2948 are not provided in the connected documents; only the generic description is available. Monitor for updates from official advisories.

5CVSS6.8AI score0.01532EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/06/12 8:0 p.m.16 views

CVE-2006-2948

A-CART 2.0 stores the acart20.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information...

6.8AI score0.01532EPSS
Exploits0References6
CVE
CVE
added 2005/05/10 4:0 a.m.49 views

CVE-2004-1873

The CVE-2004-1873 entry concerns SQL injection in category.asp of A-CART Pro 2.0 and A-CART 2.0. The root cause is improper handling of the catcode parameter in category.asp, enabling remote attackers to gain privileges. Connected PT-2004-2772 provides concrete remediation guidance: update the ca...

7.5CVSS8.3AI score0.02432EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.18 views

CVE-2004-1874

Multiple cross-site scripting XSS vulnerabilities in 1 deliver.asp and 2 billing.asp in A-CART Pro and A-CART 2.0 allow remote attackers to inject arbitrary web script or HTML via the user information forms...

5.7AI score0.01255EPSS
Exploits1References4
CVE
CVE
added 2005/05/10 4:0 a.m.50 views

CVE-2004-1874

CVE-2004-1874 describes multiple XSS vulnerabilities in A-CART Pro and A-CART 2.0, specifically in the vulnerable components deliver.asp and billing.asp, allowing remote attackers to inject arbitrary web script or HTML via the user information forms. Connected documents confirm the affected produ...

4.3CVSS5.9AI score0.01255EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2004/12/31 12:0 a.m.5 views

PT-2004-2772 · A Cart · A-Cart Pro +1

Name of the Vulnerable Software and Affected Versions: A-CART Pro version 2.0 A-CART version 2.0 Description: The issue allows remote attackers to gain privileges via the catcode parameter in the "category.asp" file. Recommendations: For A-CART Pro version 2.0, update the category.asp file to...

7.5CVSS6.8AI score0.02432EPSS
Exploits1References14
securityvulns
securityvulns
added 2004/03/30 12:0 a.m.27 views

A-CART Pro & A-CART 2.0 Input Validation Holes

Title: A-CART Pro & A-CART 2.0 Input Validation Holes Software: A-CART Pro & A-CART 2.0 Vendor: http://www.alanward.net Underlying OS: Windows. Description: A-CART is an ASP shopping cart application written in VBScript. The system allows a customer to browse through an inventory of products and...

0.1AI score
Exploits0
NVD
NVD
added 2004/03/29 5:0 a.m.15 views

CVE-2004-1874

Multiple cross-site scripting XSS vulnerabilities in 1 deliver.asp and 2 billing.asp in A-CART Pro and A-CART 2.0 allow remote attackers to inject arbitrary web script or HTML via the user information forms...

4.3CVSS5.7AI score0.01255EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2004/03/29 12:0 a.m.19 views

acartSQL.txt

Title: A-CART Pro & A-CART 2.0 Input Validation Holes Software: A-CART Pro & A-CART 2.0 Vendor: http://www.alanward.net Underlying OS: Windows. Description: A-CART is an ASP shopping cart application written in VBScript. The system allows a customer to browse through an inventory of products and...

7.4AI score
Exploits0
Rows per page
Query Builder