Vulnerabilities > Cfshopkart

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-09-23 | CVE-2009-3309 | SQL Injection vulnerability in Cfshopkart CF Shopkart 5.4. SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320. (network; low complexity; cfshopkart; CWE-89) | 7.5 |
| 2009-02-27 | CVE-2008-6321 | Permissions, Privileges, and Access Controls vulnerability in Cfshopkart CF Shopkart 5.2.2. CF Shopkart 5.2.2 stores cfshopkart52.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via a direct request. (network; low complexity; cfshopkart; CWE-264) | 5.0 |
| 2009-02-27 | CVE-2008-6320 | SQL Injection vulnerability in Cfshopkart CF Shopkart 5.2.2. SQL injection vulnerability in index.cfm in CF Shopkart 5.2.2 allows remote attackers to execute arbitrary SQL commands via the Category parameter in a ViewCategory action. (network; low complexity; cfshopkart; CWE-89) | 7.5 |