Ghostwire

CVE-2024-53412: Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary...

CRITICAL CVSS 9.5

Published: April 15, 2026 | Last Modified: April 15, 2026

Description

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field

Ghostwire Analysis — What This Means Practically

Critical CVSS score indicates maximum severity — remote code execution, authentication bypass, or complete system compromise is likely possible.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References

www.tenable.com/cve/CVE-2024-53412
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2024-53412