CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Turnkey Web Tools 1Sunshop Shopping Cart Apr 23, 2026 Aug 30, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector th...Show more |
1Turnkey Web Tools 1Sunshop Shopping Cart Apr 23, 2026 May 9, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to execute arbitrary SQL commands via the (1) c or (2) quantity parameter. |
1Turnkey Web Tools 1Sunshop Shopping Cart Apr 23, 2026 May 9, 2007 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Unspecified vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 has unknown impact and an l remote attack vector, related to "Cookie Manipulation." |
1Turnkey Web Tools 1Sunshop Shopping Cart Apr 23, 2026 May 9, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote attackers to inject arbitrary web script or HTML via the l parameter. |
1Turnkey Web Tools 1Sunshop Shopping Cart Apr 23, 2026 May 2, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) include/payment/payflow_pr...Show more |
1Turnkey Web Tools 1Sunshop Shopping Cart Apr 23, 2026 Apr 18, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before 3.5.1 allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) index.php or (2)...Show more |