Lighthouse Development : Security Vulnerabilities, CVEs, CVSS score >= 7
PHP remote file inclusion vulnerability in popup_window.php in Squirrelcart 1.x.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site_isp_root parameter, probably related to cart.php.
Max CVSS
7.5
EPSS Score
6.87%
Published
2007-08-21
Updated
2017-09-29
SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action.
Max CVSS
7.5
EPSS Score
0.23%
Published
2005-05-02
Updated
2017-07-11
2 vulnerabilities found