Lucene search
K

91 matches found

Cvelist
Cvelist
added 2007/05/30 1:0 a.m.25 views

CVE-2007-2890

SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idcategory parameter...

8.2AI score0.01195EPSS
Exploits1References6
securityvulns
securityvulns
added 2007/05/30 12:0 a.m.40 views

cpcommerce < v1.1.0 [sql injection]

vendor site:http://cpcommerce.cpradio.org/ product:cpcommerce v1.1.0 bug: sql injection risk : high note:works regardless of php.ini settings . http://127.0.0.1/cpcommerce/manufacturer.php?idmanufacturer=-9//union//select//pass,LOADFILE0x2F6574632F706173737764,0//from//cpAccounts/ //result:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2007/05/30 12:0 a.m.21 views

cpcommerce-sql.txt

126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/05/29 12:0 a.m.9 views

CPCommerce 1.1 - manufacturer.php SQL Injection

CPCommerce 1.1 - manufacturer.php SQL Injection source: https://www.securityfocus.com/bid/24223/info cpCommerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Exploits0
Exploit DB
Exploit DB
added 2007/05/29 12:0 a.m.22 views

CPCommerce 1.1 - 'manufacturer.php' SQL Injection

source: https://www.securityfocus.com/bid/24223/info cpCommerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/05/26 12:0 a.m.64 views

Vulnerability - cpCommerce - XSS

cpcommerce is a FOSS php-based e-commerce shopping cart web application. Exploit: Javascript placed inside a user's "Full Name:" field will not be stripped - it will be added to the database 'as-is' as long as it has no quotations in the string. When the admin goes to the clients view page, the...

2.9AI score
Exploits0
0day.today
0day.today
added 2007/05/24 12:0 a.m.38 views

cpCommerce <= 1.1.0 (category.php id_category) SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== cpCommerce 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$str...

7.1AI score
Exploits0
NVD
NVD
added 2003/12/31 5:0 a.m.17 views

CVE-2003-1500

PHP remote file inclusion vulnerability in functions.php in cpCommerce 0.5f allows remote attackers to execute arbitrary code via the prefix parameter...

6.8CVSS9.8AI score0.02786EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2003/12/31 12:0 a.m.5 views

PT-2003-2445 · Cpcommerce · Cpcommerce

Name of the Vulnerable Software and Affected Versions: cpCommerce version 0.5f Description: The issue allows remote attackers to execute arbitrary code via the prefix parameter in the functions.php file. This is a result of a remote file inclusion vulnerability. Recommendations: For cpCommerce...

6.8CVSS8AI score0.02786EPSS
Exploits0References10
Packet Storm
Packet Storm
added 2003/10/30 12:0 a.m.46 views

cpCommerce.exp.txt

ZH2003-31SA security advisory: file inclusion vulnerability in cpCommerce Published: 19 October 2003 Name: cpCommerce Affected Versions: 0.05f and other versions? Vendor: http://www.cpcommerce.org Issue: file inclusion vulnerability Author: Astharot at Zone-H.org Description Zone-H Security Team...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/10/22 12:0 a.m.154 views

ZH2003-31SA &#40;security advisory&#41;: file inclusion vulnerability in cpCommerce

ZH2003-31SA security advisory: file inclusion vulnerability in cpCommerce Published: 19 October 2003 Name: cpCommerce Affected Versions: 0.05f and other versions? Vendor: http://www.cpcommerce.org Issue: file inclusion vulnerability Author: Astharot at Zone-H.org Description Zone-H Security Team...

0.4AI score
Exploits0
Rows per page
Query Builder