Tomatocart Security Vulnerabilities and Issues — Tomatocart CVE List

Lucene search

TomatocartTomatocart

2 matches found

CVE•added 2014/10/20 4:55 p.m.•39 views

CVE-2014-3978

SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact.

6.5CVSS7.9AI score0.00705EPSS

CVE•added 2014/10/20 4:55 p.m.•36 views

CVE-2014-3830

Cross-site scripting (XSS) vulnerability in info.php in TomatoCart 1.1.8.6.1 allows remote attackers to inject arbitrary web script or HTML via the faqs_id parameter.

4.3CVSS5.8AI score0.00225EPSS