CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-5953
https://notcve.org/view.php?id=CVE-2006-5953
SQL injection vulnerability in viewcart.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the zoneid parameter. Vulnerabilidad de inyección SQL en viewcart.asp en Evolve shopping cart (también conocido como Evolve Merchant) permite a un atacante remoto ejecutar comandos SQL a través del parámetro zoneid. • http://s-a-p.ca/index.php?page=OurAdvisories&id=28 http://secunia.com/advisories/22912 http://www.securityfocus.com/archive/1/451549/100/100/threaded http://www.securityfocus.com/archive/1/453549/100/0/threaded http://www.securityfocus.com/bid/21070/info http://www.vupen.com/english/advisories/2006/4530 https://exchange.xforce.ibmcloud.com/vulnerabilities/30272 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-1999-1549
https://notcve.org/view.php?id=CVE-1999-1549
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands. • http://marc.info/?l=bugtraq&m=94286509804526&w=2 http://www.securityfocus.com/bid/804 • CWE-346: Origin Validation Error •