E-cart : Security Vulnerabilities, CVEs, CVSS score >= 2
Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Max CVSS
6.8
EPSS Score
1.61%
Published
2009-04-27
Updated
2017-09-29
index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and possibly (2) cat parameters.
Max CVSS
7.5
EPSS Score
2.56%
Published
2005-05-02
Updated
2016-10-18
2 vulnerabilities found