Lighthouse Development: Security Vulnerabilities
PHP remote file inclusion vulnerability in popup_window.php in Squirrelcart 1.x.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site_isp_root parameter, probably related to cart.php.
CVSS Score
7.5
EPSS Score
0.018
Published
2007-08-21
PHP remote file inclusion vulnerability in cart_content.php in Squirrelcart 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cart_isp_root parameter.
CVSS Score
6.4
EPSS Score
0.111
Published
2006-05-19
SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action.
CVSS Score
7.5
EPSS Score
0.003
Published
2005-05-02