CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6394

SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.2%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2008-6394

Cs-Cart » Cs-Cart » Version: .1.3.0

cpe:2.3:a:cs-cart:cs-cart:.1.3.0
Cs-Cart » Cs-Cart » Version: .1.3.2

cpe:2.3:a:cs-cart:cs-cart:.1.3.2
Cs-Cart » Cs-Cart » Version: .1.3.3

cpe:2.3:a:cs-cart:cs-cart:.1.3.3
Cs-Cart » Cs-Cart » Version: .1.3.4

cpe:2.3:a:cs-cart:cs-cart:.1.3.4
Cs-Cart » Cs-Cart » Version: 1.1

cpe:2.3:a:cs-cart:cs-cart:1.1
Cs-Cart » Cs-Cart » Version: 1.2

cpe:2.3:a:cs-cart:cs-cart:1.2
Cs-Cart » Cs-Cart » Version: 1.3.0

cpe:2.3:a:cs-cart:cs-cart:1.3.0
Cs-Cart » Cs-Cart » Version: 1.3.2

cpe:2.3:a:cs-cart:cs-cart:1.3.2
Cs-Cart » Cs-Cart » Version: 1.3.3

cpe:2.3:a:cs-cart:cs-cart:1.3.3
Cs-Cart » Cs-Cart » Version: 1.3.4

cpe:2.3:a:cs-cart:cs-cart:1.3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6394

Products

Pricing

Contact Us