CVE-2026-46408

Vvveb CMS vulnerable before 1.0.8.3: the checkout endpoint accepts a user-controlled cart_id and uses it to enter the payment flow without verifying cart ownership, enabling a logged-in attacker to reuse another user’s cart in their own checkout session. The fixed version is 1.0.8.3. Impact per s...

EUVD-2006-3134

Malware in sbrugna...

EUVD-2001-1180

Malware in sbrugna...

CVE-2006-3137

Cross-site scripting XSS vulnerability in productDetail.asp in Edge eCommerce Shop allows remote attackers to inject arbitrary web script or HTML via the cartid parameter...

CVE-2006-3137

Cross-site scripting XSS vulnerability in productDetail.asp in Edge eCommerce Shop allows remote attackers to inject arbitrary web script or HTML via the cartid parameter...

CVE-2001-1199

Agora CGI Cross Site Scripting (CVE-2001-1199) affects Agora versions 3.0a–4.0g due to improper input validation in the cart_id parameter when debug mode is on, enabling remote attackers to execute JavaScript in other clients. The vulnerability is documented in multiple sources (e.g., OpenVAS des...

CVE-2001-1199

Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cartid parameter...

CVE-2001-1199

Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cartid parameter...