Skip to main content

Cart66 Lite

3 CVEs product

Monthly

CVE-2014-9461 LOW POC Monitor

Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Path Traversal WordPress PHP Cart66 Lite
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-9442 MEDIUM POC PATCH This Month

SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress SQLi PHP Cart66 Lite
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2014-9305 MEDIUM POC PATCH This Month

SQL injection vulnerability in the shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.2 for WordPress allows remote authenticated users to execute arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress SQLi PHP Cart66 Lite
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
3.7%
EPSS 0% CVSS 3.5
LOW POC Monitor

Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Path Traversal WordPress PHP +1
NVD
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the q parameter in a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress SQLi PHP +1
NVD
EPSS 4% CVSS 6.5
MEDIUM POC PATCH This Month

SQL injection vulnerability in the shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.2 for WordPress allows remote authenticated users to execute arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress SQLi PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy