CVEDB API

Vulnerabilities

Vulnerable Software

Turnkey Web Tools: >> Sunshop Shopping Cart >> 4.0 Security Vulnerabilities

CVE-2007-4597

SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549.

CVSS Score

7.5

EPSS Score

0.003

Published

2007-08-30

CVE-2007-2547

Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter.

CVSS Score

4.3

EPSS Score

0.026

Published

2007-05-09

CVE-2007-2548

Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impact and an l remote attack vector, related to "Cookie Manipulation."

CVSS Score

6.4

EPSS Score

0.003

Published

2007-05-09

CVE-2007-2549

SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) c or (2) quantity parameter.

CVSS Score

7.5

EPSS Score

0.008

Published

2007-05-09

Page 1

Vulnerabilities

Vulnerable Software

Turnkey Web Tools: >> Sunshop Shopping Cart >> 4.0 Security Vulnerabilities

Products

Pricing

Contact Us