CVE-2007-4736

Cartkeeper Ckgold Shopping Cart - SQL Injection

Title source: rule

Description

SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by k1tk4t · perlwebappsphp

https://www.exploit-db.com/exploits/4349

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://osvdb.org/38422

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36419

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4349

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/3088

Scores

EPSS 0.0060

EPSS Percentile 69.6%

Details

CWE

CWE-89

Status published

Products (1)

cartkeeper/ckgold_shopping_cart 2.0

Published Sep 06, 2007

Tracked Since Feb 18, 2026