Max CVSS | 7.5 | Min CVSS | 6.8 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-3139 | 6.8 |
config/general.php in Quick.Cart 2.2 and earlier uses a default username and password, which allows remote attackers to access the application via a login action to admin.php. NOTE: this can be leveraged to upload and execute arbitrary code.
|
11-10-2017 - 01:32 | 08-06-2007 - 16:30 | |
CVE-2007-3138 | 7.5 |
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an sLanguage cookie, which is used to define a value in config/gener
|
11-10-2017 - 01:32 | 08-06-2007 - 16:30 |