CVE-2014-5111

The provided text describes multiple SQL injection and XSS vulnerabilities in ol-commerce 2.1.1, including a path traversal example for accessing /etc/passwd. However, it lacks actual exploit code or a proof-of-concept.

The provided text describes SQL injection and XSS vulnerabilities in ol-commerce 2.1.1, including a path traversal example for LFI. However, it lacks executable exploit code, making it a vulnerability writeup rather than a functional PoC.

The provided text describes a directory traversal vulnerability in ol-commerce 2.1.1, allowing unauthorized access to sensitive files like /etc/passwd. It also mentions SQL injection and XSS vulnerabilities but lacks executable exploit code.

The provided text describes a directory traversal vulnerability in ol-commerce 2.1.1, allowing an attacker to read arbitrary files (e.g., /etc/passwd) via a null-byte terminated path traversal in the 'lang' parameter. No actual exploit code is included, only a description and example URL.