Cart Engine Multiple Vulnerabilities

This host is running Cart Engine and is prone to multiple vulnerabilities.
Successful exploitation will allow remote attackers to inject or manipulate SQL queries in the back-end database, conduct open-redirect attacks and execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Impact Level: Application
No solution or patch is available as of 9th February, 2015. Information regarding this issue will be updated once the solution details are available. For updates refer to
Multiple errors exists due to, - Insufficient validation of the input parameters 'item_id[0]' and 'item_id[]' passed to cart.php page. - Insufficient sanitization of multiple pages output which includes the user submitted content. - Insufficient validation of the user-supplied input in index.php, cart.php, msg.php and page.php scripts.
Cart Engine version 3.0. Other versions may also be affected.
Send a crafted data via HTTP GET request and check whether it is able to read cookie or not.