Cfshopkart Cf Shopkart vulnerabilities
3 known vulnerabilities affecting cfshopkart/cf_shopkart.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6320P3HIGHCVSS 7.5PoCv5.2.22009-02-27
CVE-2008-6320 [HIGH] CWE-89 CVE-2008-6320: SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arb
SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action.
nvd
CVE-2009-3309P3HIGHCVSS 7.5PoCv5.42009-09-23
CVE-2009-3309 [HIGH] CVE-2009-3309: SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute
SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320.
nvd
CVE-2008-6321P4MEDIUMCVSS 5.0PoCv5.2.22009-02-27
CVE-2008-6321 [MEDIUM] CWE-264 CVE-2008-6321: CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which
CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request.
nvd