CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2023/01/11 12:0 a.m.•195 views

eCart Web 4.0.0 Insecure Settings

==================================================================================================================================== | Title : eCart Web v4.0.0- Multi Vendor eCommerce Marketplace Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro /...

7.4AI score

Packet Storm•added 2023/01/11 12:0 a.m.•180 views

eCart Multi Vendor eCommerce System 1.x Insecure Settings

==================================================================================================================================== | Title : eCart – Multi Vendor eCommerce System 1.x Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...

7.4AI score

Openbugbounty•added 2017/09/22 5:44 a.m.•15 views

gen-rent.com XSS vulnerability

Open Bug Bounty ID: OBB-303445 Description| Value ---|--- Affected Website:| gen-rent.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score

NVD•added 2008/10/27 5:21 p.m.•6 views

CVE-2008-4745

Cross-site scripting XSS vulnerability in emailFriend.asp in Uniwin eCart Professional 2.0.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00322EPSS

NVD•added 2008/10/27 5:21 p.m.•9 views

CVE-2008-4746

Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to 1 search.asp and 2 cartUtil.asp...

7.5CVSS8.5AI score0.00413EPSS

Prion•added 2008/10/27 5:21 p.m.•8 views

Sql injection

Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to 1 search.asp and 2 cartUtil.asp...

7.5CVSS9.2AI score0.00413EPSS

Prion•added 2008/10/27 5:21 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in emailFriend.asp in Uniwin eCart Professional 2.0.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00322EPSS

CVE•added 2008/10/27 5:0 p.m.•43 views

CVE-2008-4746

CVE-2008-4746 affects Uniwin eCart Professional 2.0.17. The vulnerability consists of multiple SQL injection flaws exploitable via unspecified vectors to the pages search.asp and cartUtil.asp , enabling remote attackers to run arbitrary SQL commands. The root cause is improper input handling lead...

7.5CVSS8.5AI score0.00413EPSS

Cvelist•added 2008/10/27 5:0 p.m.•13 views

CVE-2008-4745

Cross-site scripting XSS vulnerability in emailFriend.asp in Uniwin eCart Professional 2.0.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00322EPSS

Cvelist•added 2008/10/27 5:0 p.m.•14 views

CVE-2008-4746

Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to 1 search.asp and 2 cartUtil.asp...

8.5AI score0.00413EPSS

CVE•added 2008/10/27 5:0 p.m.•35 views

CVE-2008-4745

CVE-2008-4745 is an XSS vulnerability in Uniwin eCart Professional 2.0.17, specifically in emailFriend.asp. Remote attackers can inject arbitrary web script or HTML via unspecified vectors. The NVD entry lists a base score of 4.3 (Medium) with Network attack vector, Medium complexity, no authenti...

4.3CVSS5.7AI score0.00322EPSS