Vendor
Cfshopkart
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-3309 | 0.03 | — | 0.00 | Sep 23, 2009 | SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320. | ||
| CVE-2008-6321 | 0.03 | — | 0.05 | Feb 27, 2009 | CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request. | ||
| CVE-2008-6320 | 0.03 | — | 0.00 | Feb 27, 2009 | SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action. |
- CVE-2009-3309Sep 23, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320.
- CVE-2008-6321Feb 27, 2009risk 0.03cvss —epss 0.05
CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request.
- CVE-2008-6320Feb 27, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action.