Vulnerabilities (CVE)

Filtered by vendor I-soft Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0607 1 I-soft 1 Quikstore 2023-12-10 5.0 MEDIUM N/A
quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges.
CVE-2000-1223 1 I-soft 1 Quikstore 2023-12-10 7.5 HIGH N/A
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
CVE-2000-1188 1 I-soft 1 Quikstore 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter.