8 matches found
EUVD-2017-11321
Malware in sbrugna...
CVE-2017-10886
CS-Cart Japanese Edition (and Multivendor Japanese Edition) is affected by CVE-2017-10886. A cross-site scripting vulnerability exists in CS-Cart Japanese Edition versions 4.3.10 and earlier (excluding v2/v3), enabling an attacker to inject arbitrary web script or HTML via unspecified vectors. Th...
PT-2017-15203 · Cs Cart · Cs-Cart Japanese Edition +1
Name of the Vulnerable Software and Affected Versions: CS-Cart Japanese Edition versions 4.3.10 and earlier excluding v2 and v3 CS-Cart Multivendor Japanese Edition versions 4.3.10 and earlier excluding v2 and v3 Description: A cross-site request forgery CSRF issue allows remote attackers to hija...
CS-Cart Japanese Edition and Multivendor Japanese Edition Unrestricted Access Vulnerability
CS-Cart Japanese Edition is a PHP and MySQL based e-commerce software system developed by CS-Cart team. The system supports third-party software extensions, customized promotion strategies, product filter definitions, etc. CS-Cart Multivendor Japanese Edition is an extension of CS-Cart Japanese...
CVE-2017-2139
CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php...
CVE-2017-2143
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php...
CS-Cart Japanese Edition vulnerable to cross-site request forgery
Overview CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition contains a cross-site request forgery CWE-352 vulnerability. Hirota Kazuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
CS-Cart Japanese Edition fails to restrict access permissions
Overview CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition fails to restrict access permissions CWE-425. Hirota Kazuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...