Lucene search

A-cart Security Vulnerabilities

cve

CVE-2019-16251

plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options...

4.3CVSS

4.4AI Score

0.001EPSS

2019-10-31 05:15 PM

cve

CVE-2006-6111

Multiple SQL injection vulnerabilities in Alan Ward A-Cart Pro 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) productid parameter in product.asp or (2) search parameter in search.asp. NOTE: the category.asp vector is already covered by...

8.5AI Score

0.008EPSS

2006-11-26 10:07 PM

cve

CVE-2006-2948

A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password...

6.8AI Score

0.009EPSS

2006-06-12 08:06 PM

cve

CVE-2004-1874

Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp and (2) billing.asp in A-CART Pro and A-CART 2.0 allow remote attackers to inject arbitrary web script or HTML via the user information...

5.9AI Score

0.004EPSS

2005-05-10 04:00 AM

cve

CVE-2004-1873

SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote attackers to gain privileges via the catcode...

8.3AI Score

0.008EPSS

2005-05-10 04:00 AM

cve

CVE-2002-1432

MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the...

6.7AI Score

0.011EPSS

2003-04-11 04:00 AM