71 matches found
EUVD-2013-5808
Malware in sbrugna...
EUVD-2014-9263
Malware in sbrugna...
EUVD-2014-9130
Malware in sbrugna...
EUVD-2014-9281
Malware in sbrugna...
EUVD-2013-5807
Malware in sbrugna...
EUVD-2025-10837
Malicious code in bioql PyPI...
EUVD-2025-11725
Malicious code in bioql PyPI...
CVE-2014-9442
SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a promotionProductSearch action to wp-admin/admin-ajax.php...
CVE-2014-9461
Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. dot dot in the memberdownload action to wp-admin/admin-ajax.php...
CVE-2025-32653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud cart66-cloud allows Reflected XSS.This issue affects Cart66 Cloud: from n/a through = 2.3.7...
CVE-2025-32653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud cart66-cloud allows Reflected XSS.This issue affects Cart66 Cloud: from n/a through = 2.3.7...
CVE-2025-32653 WordPress Cart66 Cloud Plugin <= 2.3.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud cart66-cloud allows Reflected XSS.This issue affects Cart66 Cloud: from n/a through = 2.3.7...
CVE-2025-32653 WordPress Cart66 Cloud Plugin <= 2.3.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lee Blue Cart66 Cloud allows Reflected XSS. This issue affects Cart66 Cloud: from n/a through 2.3.7...
CVE-2025-32653
CVE-2025-32653 is a Reflected XSS in WordPress Cart66 Cloud (Lee Blue Cart66 Cloud) affecting Cart66 Cloud versions up to 2.3.7. The issue arises from improper input neutralization during web page generation, enabling reflected script execution. Public sources (NVD/Red Hat/ CVE lists) corroborate...
WordPress plugin Cart66 Cloud 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-17159 · Unknown · Cart66 Cloud
Name of the Vulnerable Software and Affected Versions: Cart66 Cloud versions 2.3.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means an attacker can inject...
CVE-2025-2841
The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...
CVE-2025-2841
The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...
CVE-2025-2841 Cart66 Cloud <= 2.3.7 - Unauthenticated Information Exposure
The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...
CVE-2025-2841
CVE-2025-2841 affects Cart66 Cloud for WordPress (up to version 2.3.7). It enables unauthenticated access to phpinfo.php, exposing potentially sensitive information. As per Wordfence, this entry is currently Unpatched; no mitigation details are provided in the supplied docs.