Vulnerabilities > Mcmurtrey Whitaker AND Associates > Cart32 > 3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2004-08-06	CVE-2004-0675	Cross-Site Scripting vulnerability in McMurtrey/Whitaker & Associates Cart32 GetLatestBuilds Script Cross-site scripting (XSS) vulnerability in (1) cart32.exe or (2) c32web.exe in Cart32 shopping cart allows remote attackers to execute arbitrary web script via the cart32 parameter to a GetLatestBuilds command. network mcmurtrey-whitaker-and-associates	6.8
2000-05-03	CVE-2000-0430	Unspecified vulnerability in Mcmurtrey Whitaker and Associates Cart32 3.0 Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL request. network low complexity mcmurtrey-whitaker-and-associates	5.0
2000-04-27	CVE-2000-0429	Unspecified vulnerability in Mcmurtrey Whitaker and Associates Cart32 2.6/3.0 A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary commands. network low complexity mcmurtrey-whitaker-and-associates	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.