19 matches found
EUVD-2001-0442
Malware in sbrugna...
SAP Hybris E-commerce Suite Default Credential Validation Bypass Vulnerability
SAP Hybris E-commerce Suite is e-commerce software and multichannel commerce solution. SAP Hybris E-commerce Suite Default Credential Authentication Bypass vulnerability. An attacker could exploit the vulnerability to gain unauthorized access to the affected application...
iCat Electronic Commerce Suite 3.0 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2126/info iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite...
ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability
No description provided by source. ?php / ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide everything you nee...
IBM Net.Commerce 2.0/3.x/4.x orderdspc.d2w order_rn Option SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/2350/info IBM's Net.Commerce ecommerce platform supports macros which, by default, do not properly validate requests in user-supplied input. A thoughtfully-formed request to a vulnerable script can cause the server to...
ViArt Shop Enterprise 4.1 Arbitrary Command Executio
?php / ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide everything you need to run a successful on-line...
ViArt Shop Enterprise 4.1 Arbitrary Command Execution / XSS Vulnerabilities
Exploit for php platform in category web applications ?php / ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide...
ViArt Shop Enterprise 4.1 (post-auth) Multiple Stored XSS Vulnerabilities
Summary Viart Shop is a PHP based e-commerce suite, aiming to provide everything you need to run a successful on-line business. Description ViArt Shop suffers from multiple stored cross-site scripting vulnerabilities. The issues are triggered when input passed via several parameters to several...
Improper access control
The (1) Net.Commerce and (2) Net.Data components in IBM WebSphere Commerce Suite store sensitive information under the web root with insufficient access control, which allows remote attackers to discover passwords, and database and filesystem details, via direct requests for configuration files...
CVE-2009-2956
The CVE-2009-2956 entry relates to IBM WebSphere Commerce Suite, specifically the Net.Commerce and Net.Data components, which are reported to store sensitive information under the web root due to insufficient access control. This setup may allow remote attackers to discover passwords, and databas...
CVE-2008-2020
The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and (8) Labgab 1.1 uses a code_bg.jpg...
CVE-2008-2020
The CVE-2008-2020 issue affects multiple CAPTCHA implementations: PHP-Nuke (versions 7.0–8.1), my123tkShop 0.9.1, phpMyBitTorrent 1.2.2, TorrentFlux 2.3, e107 0.7.11, WebZE 0.5.9, Open Media Collectors Database 1.5.0b4, and Labgab 1.1. The root cause is use of a code_bg.jpg background with PHP Im...
JShop E-Commerce Suite 1.2 Product.PHP Cross-Site Scripting Vulnerability
JShop E-Commerce Suite 1.2 Product.PHP Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/12403/info JShop E-Commerce Suite is affected by a cross-site scripting vulnerability in the 'product.php' script. As a result of this vulnerability...
JShop E-Commerce Suite 3.0 - Page.PHP Cross-Site Scripting Vulnerability
JShop E-Commerce Suite v3 Page.PHP Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/11003/info Reportedly the JShop E-Commerce Suite is affected by a cross-site scripting vulnerability in the 'page.php' script. This issue is due to a...
CVE-2001-0446
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL...
Re: Passwords in Net.Commerce/WebSphere decryptable, any version
IBM Global Services Managed Security Services Outside Advisory Redistribution 8 MAR 2001 2:11 GMT MSS-OAR-E01-2001:087.1 The MSS Outside Advisory Redistribution is designed to provide customers of IBM Managed Security...
IBM Net.Commerce 2.0/3.x/4.x - orderdspc.d2w order_rn Option SQL Injection
source: https://www.securityfocus.com/bid/2350/info IBM's Net.Commerce ecommerce platform supports macros which, by default, do not properly validate requests in user-supplied input. A thoughtfully-formed request to a vulnerable script can cause the server to disclose sensitive system information...
iCat Carbo Server File Disclosure Vulnerability
Description iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the Electronic Commerce Suite does not...
iCat Electronic Commerce Suite 3.0 - File Disclosure
source: https://www.securityfocus.com/bid/2126/info iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the...