Lucene search
K

7 matches found

NVD
NVD
added 2015/05/14 2:59 p.m.22 views

CVE-2015-3301

Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart aka The Professional WordPress eCommerce Plugin plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. dot dot in the tcpboxpath parameter in the checkouteditorsettings page to...

4CVSS6.6AI score0.09101EPSS
Exploits6References7
Cvelist
Cvelist
added 2015/05/14 2:0 p.m.37 views

CVE-2015-3301

Directory traversal vulnerability in the TheCartPress eCommerce Shopping Cart aka The Professional WordPress eCommerce Plugin plugin for WordPress before 1.3.9.3 allows remote administrators to read arbitrary files via a .. dot dot in the tcpboxpath parameter in the checkouteditorsettings page to...

7.5AI score0.09101EPSS
Exploits6References7
CVE
CVE
added 2015/05/14 2:0 p.m.60 views

CVE-2015-3301

The CartPress/TheCartPress WordPress plugin (vulnerable before 1.3.9.3) suffers a Local PHP File Inclusion/Directory Traversal (CVE-2015-3301) via the tcp_box_path parameter in checkout_editor_settings (/wp-admin/admin.php?page=checkout_editor_settings). Exploitation requires administrative privi...

4CVSS7.3AI score0.09101EPSS
Exploits6References7Affected Software1
securityvulns
securityvulns
added 2015/05/11 12:0 a.m.68 views

Multiple Vulnerabilities in TheCartPress WordPress plugin

Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor Notification: April 8, 2015 Public Disclosure: April 29, 2015 Vulnerabili...

5CVSS0.3AI score0.21674EPSS
Exploits8
Packet Storm
Packet Storm
added 2015/04/29 12:0 a.m.74 views

WordPress TheCartPress 1.3.9 XSS / Local File Inclusion

Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor Notification: April 8, 2015 Public Disclosure: April 29, 2015 Vulnerabili...

4.3CVSS7.5AI score0.21674EPSS
Exploits8
exploitpack
exploitpack
added 2015/04/29 12:0 a.m.57 views

WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities

WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor...

5CVSS0.1AI score0.21674EPSS
Exploits8
Exploit DB
Exploit DB
added 2015/04/29 12:0 a.m.73 views

WordPress Plugin TheCartPress 1.3.9 - Multiple Vulnerabilities

Advisory ID: HTB23254 Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor Notification: April 8, 2015 Public Disclosure: April 29, 2015 Vulnerabili...

7.5CVSS7.7AI score0.21674EPSS
Exploits8
Rows per page
Query Builder