60 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-3911

Malware in sbrugna...

CVSS 6.5 | AI score 6.1 | EPSS 0.00603
Exploits: 7 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2014-3768

Malware in sbrugna...

CVSS 4.3 | AI score 6.3 | EPSS 0.00225
Exploits: 2 | References: 4

RedhatCVE
added 2025/05/22 12:42 a.m. | 6 views

CVE-2011-3811

TomatoCart 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/system/offline.php and certain other files...

CVSS 5 | AI score 6.5 | EPSS 0.00283
Exploits: 0 | References: 1

Openbugbounty
added 2016/09/17 5:43 a.m. | 9 views

tomatocart.com XSS vulnerability

Vulnerable URL: http://www.tomatocart.com/index.php?option=comliveshops=go=www.openbugbounty.org
Details:
Patched: Yes, at 12.01.2017
Latest check for patch: 12.01.2017 17:36 GMT
Vulnerability type: XSS
Vulnerability status: Publicly disclosed
Alexa Rank: 490525
VIP...

AI score 6.3
Exploits: 0

Packet Storm
added 2015/11/16 12:0 a.m. | 27 views

TomatoCart 1.1.8.6.1 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: TomatoCart v1.1.8.6.1 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/29/2015 Disclosed to public: 11/13/2015 Relea...

Exploits: 0

OpenVAS
added 2014/10/28 12:0 a.m. | 29 views

TomatoCart SQL Injection and Cross Site Scripting Vulnerabilities

TomatoCart is prone to SQL injection and cross-site scripting. SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...

CVSS 6.5 | AI score 6.1 | EPSS 0.00603
Exploits: 8 | References: 5

NVD
added 2014/10/20 4:55 p.m. | 15 views

CVE-2014-3978

SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact...

CVSS 6.5 | AI score 7.7 | EPSS 0.00603
Exploits: 7 | References: 2

NVD
added 2014/10/20 4:55 p.m. | 12 views

CVE-2014-3830

Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1.8.6.1 allows remote attackers to inject arbitrary web script or HTML via the faqsid parameter...

CVSS 4.3 | AI score 5.6 | EPSS 0.00225
Exploits: 2 | References: 2

Prion
added 2014/10/20 4:55 p.m. | 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1.8.6.1 allows remote attackers to inject arbitrary web script or HTML via the faqsid parameter...

CVSS 4.3 | AI score 6.1 | EPSS 0.00225
Exploits: 2 | References: 2 | Affected Software: 1

Cvelist
added 2014/10/20 4:0 p.m. | 24 views

CVE-2014-3830

Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1.8.6.1 allows remote attackers to inject arbitrary web script or HTML via the faqsid parameter...

AI score 5.6 | EPSS 0.00225
Exploits: 2 | References: 2

Cvelist
added 2014/10/20 4:0 p.m. | 27 views

CVE-2014-3978

SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact...

AI score 7.7 | EPSS 0.00603
Exploits: 7 | References: 2

CVE
added 2014/10/20 4:0 p.m. | 44 views

CVE-2014-3978

TomatoCart 1.x (stable) is affected by CVE-2014-3978: an SQL injection in the address book creation flow (First name/Last name fields) that allows a remote authenticated attacker to inject arbitrary SQL. The affected software version is TomatoCart 1.1.8.6.1. Public references include OpenVAS and...

CVSS 6.5 | AI score 7.9 | EPSS 0.00603
Exploits: 7 | References: 2 | Affected Software: 1

securityvulns
added 2014/08/26 12:0 a.m. | 75 views

TomatoCart v1.x (latest-stable) Multiple Vulnerabilities

CVE-2014-3978 - Remote SQL Injection Vulnerability
CVE-2014-3830 - Reflected Cross Site Scripting
Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability...

CVSS 6.5 | AI score 7.7 | EPSS 0.00603
Exploits: 8

seebug.org
added 2014/08/20 12:0 a.m. | 25 views

TomatoCart 1.x - SQL Injection Vulnerability

No description provided by source. Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability Background: TomatoCart is open source ecommerce solution developed and maintained by a number of 64,000+ users from 50+ countries and regions. It's distributed under the terms of the GNU...

CVSS 6.5 | AI score 6.5 | EPSS 0.00603
Exploits: 7

0day.today
added 2014/08/14 12:0 a.m. | 32 views

TomatoCart 1.x - SQL Injection Vulnerability

Exploit for php platform in category web applications Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability Background: TomatoCart is open source ecommerce solution developed and maintained by a number of 64,000+ users from 50+ countries and regions. It's distributed under the...

CVSS 6.5 | AI score 6.5 | EPSS 0.00603
Exploits: 7

Exploit DB
added 2014/08/09 12:0 a.m. | 43 views

TomatoCart 1.x - SQL Injection

Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability Background: TomatoCart is open source ecommerce solution developed and maintained by a number of 64,000+ users from 50+ countries and regions. It's distributed under the terms of the GNU General Public License or "GPL", free ...

CVSS 6.5 | AI score 7 | EPSS 0.00603
Exploits: 7

exploitpack
added 2014/08/09 12:0 a.m. | 24 views

TomatoCart 1.x - SQL Injection

TomatoCart 1.x - SQL Injection Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability Background: TomatoCart is open source ecommerce solution developed and maintained by a number of 64,000+ users from 50+ countries and regions. It's distributed under the terms of the GNU General...

CVSS 6.5 | EPSS 0.00603
Exploits: 7

Packet Storm
added 2014/08/06 12:0 a.m. | 42 views

TomatoCart 1.x Cross Site Scripting / SQL Injection

CVE-2014-3978 - Remote SQL Injection Vulnerability
CVE-2014-3830 - Reflected Cross Site Scripting
Title: TomatoCart v1.x latest-stable Remote SQL Injection Vulnerability...

CVSS 6.5 | AI score 6.5 | EPSS 0.00603
Exploits: 8

seebug.org
added 2014/07/01 12:0 a.m. | 13 views

TomatoCart 1.1 Post Auth Local File Inclusion Vulnerability

No description provided by source.
Exploit Title: TomatoCart 1.1 PostAuth Local File Include
Google Dork: Powered by TomatoCart
Date: 25.10.2010
Author: brainpillow
Software Link: http://www.tomatocart.com/
Version: 1.1
Vuln. code: if...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 28 views

TomatoCart - Backup Vulnerability

No description provided by source.
Title: TomatoCart Backup Vulnerability
Author: indoushka
email: [email protected]
Home: Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860...

AI score 7.1
Exploits: 0