VYPR

Cart

by KomSeo

CVEs (2)

  • CVE-2018-25206HigMar 26, 2026
    risk 0.53cvss 8.2epss 0.00

    KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the 'my_item_search' parameter in edit.php. Attackers can submit POST requests with malicious SQL payloads to extract sensitive database information using boolean-based…

  • CVE-2004-0681Aug 6, 2004
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via…