CVE-2024-53412

HIGH

NietThijmen ShoppingCart 0.0.2 - Command Injection

Title source: llm

Description

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field

References (2)

https://github.com/NietThijmen/ShoppingCart/issues/1

https://github.com/Buckdray/vulnerability-research/blob/main/CVE-2024-53412/README.md

View Writeup ZIP pw:eip

Scores

CVSS v3 8.4

EPSS 0.0018

EPSS Percentile 39.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-77

Status published

Products (1)

NietThijmen/ShoppingCart 0Go

Published Apr 15, 2026

Tracked Since Apr 15, 2026