Every CVE whose affected-product data names Reality66 Cart66 Lite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2014-9305 — CVSS 6.5 (medium): SQL injection vulnerability in the shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.2 for…
CVE-2014-9442 — CVSS 6.5 (medium): SQL injection vulnerability in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users…
CVE-2014-9461 — CVSS 3.5 (low): Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated…