14 matches found
xt:Commerce <= 3.04 SP2.1 - Time Based Blind SQL Injection
No description provided by source. +---------------------------------+ | xt:Commerce = v3.04 SP2.1 | | commerce:SEO = v2.1 CE | | Gambio = v2.0.10 SP1.4 | | Time Based Blind SQL Injection | +---------------------------------+ Author.............: Ralf Zimmermann Mail...............:...
xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability
No description provided by source...
xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability
Summary One shop system, many shop solutions. The shop software xt:Commerce 4 is the basic framework for online shops and for merchants who install and configure their own shop. Description xt:Commerce suffers from a stored XSS vulnerability when parsing user input to the 'products_name_de' paramet...
xt:Commerce 3.04 SP2.1 Blind SQL Injection
+---------------------------------+ | xt:Commerce = v3.04 SP2.1 | | commerce:SEO = v2.1 CE | | Gambio = v2.0.10 SP1.4 | | Time Based Blind SQL Injection | +---------------------------------+ Author.............: Ralf Zimmermann Mail...............: infoATstoffline.com Vendor Homepage....:...
xt:Commerce 3.04 SP2.1 - Blind SQL Injection
xt:Commerce 3.04 SP2.1 - Blind SQL Injection +---------------------------------+ | xt:Commerce = v3.04 SP2.1 | | commerce:SEO = v2.1 CE | | Gambio = v2.0.10 SP1.4 | | Time Based Blind SQL Injection | +---------------------------------+ Author.............: Ralf Zimmermann Mail...............:...
xt:Commerce <= v3.04 SP2.1 Time Based Blind SQL Injection
Exploit for php platform in category web applications +---------------------------------+ | xt:Commerce = v3.04 SP2.1 | | commerce:SEO = v2.1 CE | | Gambio = v2.0.10 SP1.4 | | Time Based Blind SQL Injection | +---------------------------------+ Author.............: Ralf Zimmermann...
CVE-2008-6045
Session fixation vulnerability in shoppingcart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter...
Directory traversal
Directory traversal vulnerability in index.php in xtcommerce allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter...
CVE-2007-1126
Directory traversal vulnerability in index.php in xtcommerce allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter...
CVE-2007-1126
CVE-2007-1126 affects xtcommerce via a directory-traversal flaw in index.php where the template parameter can be manipulated with .. to read arbitrary files. The root cause is improper sanitization of the template parameter, enabling unauthorized file access. Documentation lists the vulnerability...
CVE-2007-1126
Directory traversal vulnerability in index.php in xtcommerce allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter...
PT-2007-2553 · Xt:Commerce · Xt:Commerce
Name of the Vulnerable Software and Affected Versions: xtcommerce affected versions not specified Description: The issue allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter of the index.php file. This enables access to sensitive information. Recommendations:...
xtcommerce local file include
xtcommerce local file include local file include: /index.php?currency=EUR&manufacturersid=1&template=../../../../../../../../etc/passwd00 regards laurent gaffie...
xtcommerce-lfi.txt
xtcommerce local file include local file include: /index.php?currency=EUR&manufacturersid=1&template=../../../../../../../../etc/passwd%00 regards laurent gaffié...