CVE-2024-53412

HIGH

NietThijmen ShoppingCart 0.0.2 - Command Injection

Title source: llm

Description

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field

References (2)

Core 2

Core References

https://github.com/NietThijmen/ShoppingCart/issues/1

https://github.com/Buckdray/vulnerability-research/blob/main/CVE-2024-53412/README.md

View Writeup ZIP pw:eip

Scores

CVSS v3 8.4

EPSS 0.0060

EPSS Percentile 43.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-77

Status published

Products (1)

NietThijmen/ShoppingCart 0Go

Published Apr 15, 2026

Tracked Since Apr 15, 2026