21 matches found
EUVD-2004-0241
Malware in sbrugna...
EUVD-2015-5411
Malware in sbrugna...
EUVD-2015-0958
Malware in sbrugna...
EUVD-2017-6742
Malware in sbrugna...
CVE-2015-5455
Cross-site scripting XSS vulnerability in X-Cart 4.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to install/...
X-Cart 5.4.1.x < 5.4.1.8 Deserialization Vulnerability
According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 5.0.10 5.3.6.8, 5.4.0.x 5.4.0.13 or 5.4.1.x 5.4.1.8. It is, therefore, affected by a vulnerability in the cookie viewedResources handling leading to insecure deserialization and...
X-Cart Privilege Access Vulnerability
X-Cart is an open source PHP e-commerce software . The software provides favorites , order records and inventory management modules. A security vulnerability exists in X-Cart 5.1.10 and earlier versions. A remote attacker can exploit this vulnerability by sending a modified update or delete reque...
Qualiteam X-Cart 4.0.8 - register.php?mode SQL Injection
Qualiteam X-Cart 4.0.8 - register.php?mode SQL Injection source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These...
Qualiteam X-Cart 4.0.8 - product.php Multiple SQL Injections
Qualiteam X-Cart 4.0.8 - product.php Multiple SQL Injections source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These...
Qualiteam X-Cart 4.0.8 - search.php?mode SQL Injection
Qualiteam X-Cart 4.0.8 - search.php?mode SQL Injection source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabiliti...
Qualiteam X-Cart 4.0.8 - register.php?mode Cross-Site Scripting
Qualiteam X-Cart 4.0.8 - register.php?mode Cross-Site Scripting source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These...
Qualiteam X-Cart 4.0.8 - 'error_message.php?id' SQL Injection
source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remote attackers to pass malicious inpu...
Qualiteam X-Cart 4.0.8 - 'product.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remote attackers to pass malicious inpu...
CVE-2004-0241
X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perlbinary argument in 1 upgrade.php or 2 general.php...
CVE-2004-0240
Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. dot dot in the shopclosedfile argument to auth.php...
CVE-2004-0240
Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. dot dot in the shopclosedfile argument to auth.php...
CVE-2004-0241
X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perlbinary argument in 1 upgrade.php or 2 general.php...
Qualiteam X-Cart 3.x - general.php?perl_binary Arbitrary Command Execution
Qualiteam X-Cart 3.x - general.php?perlbinary Arbitrary Command Execution source: https://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of...
X-Cart vulnerability
X-Cart ttp://www.x-cart.comis a well distributed PHP e-commerce solution. We have discovered some security related bugs in X-Cart Version 3.4.3. It is possible that other versions are vulnerable too. Any visitor can view any file on the web server. This URL my be used as proof of concept:...
Qualiteam X-Cart 3.x - 'general.php?perl_binary' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of the application to sanitize values specified by parameters in the URI...