8 matches found
EUVD-2020-29730
Malware in sbrugna...
CVE-2020-9009
The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...
CVE-2020-8889
The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information via action=export because a typo results in a successful comparison of a blank password and NULL...
CVE-2020-9009
The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...
CVE-2020-9009
The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...
PT-2023-11951 · Shipstation.Com · Shipstation.Com Plugin
Name of the Vulnerable Software and Affected Versions: ShipStation.com plugin versions 1.1 and earlier for CS-Cart Description: The issue allows remote attackers to insert arbitrary information into the database via the "action=shipnotify" endpoint because access to this endpoint is completely...
CVE-2020-8889
The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information via action=export because a typo results in a successful comparison of a blank password and NULL...
CVE-2020-8889
The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information via action=export because a typo results in a successful comparison of a blank password and NULL...