Elemental Software Cartwiz — known CVE vulnerabilities
Every CVE whose affected-product data names Elemental Software Cartwiz, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2005-2206 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in CartWIZ allow remote attackers to modify SQL statements via the (1) idProduct parameter to…
CVE-2005-1292 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via…
CVE-2005-2207 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via…
CVE-2005-2386 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1.20 allows remote attackers to inject arbitrary web script or HTML via…
CVE-2005-2427 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the…