Vulnerabilities > Turnkey WEB Tools > Sunshop Shopping Cart > 4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-30 | CVE-2007-4597 | SQL Injection vulnerability in Turnkey web Tools Sunshop Shopping Cart 4.0 SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549. | 7.5 |
2007-05-09 | CVE-2007-2549 | SQL-Injection vulnerability in Turnkey web Tools Sunshop Shopping Cart 4.0 SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) c or (2) quantity parameter. | 7.5 |
2007-05-09 | CVE-2007-2548 | Input Validation vulnerability in Turnkey web Tools Sunshop Shopping Cart 4.0 Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impact and an l remote attack vector, related to "Cookie Manipulation." | 6.4 |
2007-05-09 | CVE-2007-2547 | Input Validation vulnerability in Turnkey web Tools Sunshop Shopping Cart 4.0 Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter. network turnkey-web-tools | 4.3 |