Kryptronic Clickcartpro vulnerabilities
2 known vulnerabilities affecting kryptronic/clickcartpro.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2005-4293P4MEDIUMCVSS 4.3PoCv1.0v2.0+10 more2005-12-16
CVE-2005-4293 [MEDIUM] CVE-2005-4293: Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.
nvd
CVE-2002-2310P4MEDIUMCVSS 5.0v4.02002-12-31
CVE-2002-2310 [MEDIUM] CWE-255 CVE-2002-2310: ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient ac
ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.
nvd