In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File...
7.5CVSS
7.3AI Score
0.638EPSS
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as...
8.8CVSS
7.3AI Score
0.001EPSS