18 matches found
EUVD-2006-6373
Malware in sbrugna...
EUVD-2007-3130
Malware in sbrugna...
EUVD-2007-0260
Malware in sbrugna...
EUVD-2006-6374
Malware in sbrugna...
CVE-2006-6391
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include arbitrary files via a .. dot dot in the configdbtype parameter to 1 actionsadmin/other.php and 2 actionsclient/gallery.ph...
CVE-2012-6049
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via 1 a long string or 2 invalid characters in a cookie, which reveals the installation path in an error message...
Design/Logic Flaw
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via 1 a long string or 2 invalid characters in a cookie, which reveals the installation path in an error message...
CVE-2012-6049
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via 1 a long string or 2 invalid characters in a cookie, which reveals the installation path in an error message...
CVE-2007-3138
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in an sLanguage cookie, which is used to define a value in config/general.php...
CVE-2007-3138
CVE-2007-3138 affects Open Solution Quick.Cart 2.2 and earlier. A directory traversal flaw allows remote attackers to cause local file inclusion via a .. in the sLanguage cookie, which is used to define a value in config/general.php. The vulnerability can impact confidentiality, integrity, and av...
CVE-2007-3138
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in an sLanguage cookie, which is used to define a value in config/general.php...
CVE-2007-0258
CVE-2007-0258 is an XSS vulnerability in the web application code paths for 1) Fastilo 2.0 and 2) Open Solution Quick.Cart 2.0, specifically in index.php where the p parameter can be used to inject arbitrary script/HTML. The connected sources consistently describe the issue as a cross-site script...
CVE-2006-6391
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include arbitrary files via a .. dot dot in the configdbtype parameter to 1 actionsadmin/other.php and 2 actionsclient/gallery.ph...
CVE-2006-6390
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the configdbtype parameter to 1 categories.php, 2 couriers.php, 3...
CVE-2006-6391
CVE-2006-6391 affects Open Solution Quick.Cart 2.0. The issue is a directory traversal vulnerability that allows remote attackers to include arbitrary files via a .. in the config[db_type] parameter sent to actions_admin/other.php and actions_client/gallery.php when register_globals is enabled an...
CVE-2006-6390
CVE-2006-6390 concerns multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0 . When register_globals is enabled and magic_quotes_gpc is disabled, remote attackers can exploit a .. path in the config[db_type] parameter to (1) categories.php, (2) couriers.php, (3) orders.php,...
CVE-2006-6391
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include arbitrary files via a .. dot dot in the configdbtype parameter to 1 actionsadmin/other.php and 2 actionsclient/gallery.ph...
CVE-2006-6390
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when registerglobals is enabled and magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the configdbtype parameter to 1 categories.php, 2 couriers.php, 3...