threat
engine
.sh
Back
·
··:··
Home
/
Product
/
opensolution quick.cart
Product
opensolution quick.cart
16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-23797
all versions
In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user ed
4.9
MEDIUM
CVE-2026-23796
all versions
Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after a
9.8
CRITICAL
CVE-2025-67684
all versions
Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a p
7.2
HIGH
CVE-2025-67683
all versions
Quick.Cart is vulnerable to reflected XSS via the sSort parameter. An attacker can craft a malicious URL which, when opened, resul
6.1
MEDIUM
CVE-2020-35754
< 6.7
OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote C
7.2
HIGH
CVE-2012-6430
all versions
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December
CVE-2012-6049
all versions
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via (1) a long string or (2) invalid characte
CVE-2009-4120
all versions
Multiple cross-site request forgery (CSRF) vulnerabilities in Quick.Cart 3.4 allow remote attackers to hijack the authentication o
CVE-2008-4140
all versions
Cross-site scripting (XSS) vulnerability in admin.php in Quick.Cart 3.1 allows remote attackers to inject arbitrary web script or
CVE-2007-3139
<= 2.2
config/general.php in Quick.Cart 2.2 and earlier uses a default username and password, which allows remote attackers to access the
CVE-2007-3138
<= 2.2
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and
CVE-2007-1407
<= 2.0
Unspecified vulnerability in OpenSolution Quick.Cart before 2.1 has unknown impact and attack vectors, related to a "low critical
CVE-2006-6391
all versions
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gp
CVE-2006-6390
all versions
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gp
CVE-2005-1587
all versions
Cross-site scripting (XSS) vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to inject arbitrary web script
CVE-2005-1588
all versions
SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arbitrary SQL commands via the iC
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin