Lucene search
K

264 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:6 a.m.8 views

CVE-2013-7317

Multiple cross-site scripting XSS vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 settingsfile or 2 datafile parameter to a ampie.swf, b amline.swf, or c amcolumn.swf...

4.3CVSS6AI score0.01012EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:5 a.m.7 views

CVE-2013-0118

CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self...

5CVSS6.8AI score0.01724EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/09/25 1:15 a.m.5 views

CVE-2023-26691

Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on...

7.2CVSS6.2AI score0.01245EPSS
Exploits1References3
NVD
NVD
added 2024/09/25 1:15 a.m.11 views

CVE-2023-26691

Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on...

7.2CVSS0.01245EPSS
Exploits1References2
OSV
OSV
added 2024/09/25 1:15 a.m.6 views

CVE-2023-26691

Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on...

7.2CVSS6AI score0.01245EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2024/09/25 1:15 a.m.2 views

CVE-2023-26688

Cross Site Scripting XSS vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the productdata parameter of add/edit product in the administration interface...

5.4CVSS6.2AI score0.00423EPSS
Exploits1References4
NVD
NVD
added 2024/09/25 1:15 a.m.19 views

CVE-2023-26687

Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain sensitive information via the productdata parameter in the PDF Add-on...

8.8CVSS0.0128EPSS
Exploits1References1
OSV
OSV
added 2024/09/25 1:15 a.m.4 views

CVE-2023-26687

Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain sensitive information via the productdata parameter in the PDF Add-on...

8.8CVSS5.8AI score0.0128EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2024/09/25 1:15 a.m.7 views

CVE-2023-26690

File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via File Manager/Editor component in the vendor or admin menu...

8.8CVSS6.2AI score0.00684EPSS
Exploits1References3
NVD
NVD
added 2024/09/25 1:15 a.m.15 views

CVE-2023-26688

Cross Site Scripting XSS vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the productdata parameter of add/edit product in the administration interface...

5.4CVSS0.00423EPSS
Exploits1References2
OSV
OSV
added 2024/09/25 1:15 a.m.5 views

CVE-2023-26686

File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the image upload feature when customizing a shop...

9.8CVSS6AI score0.00711EPSS
Exploits1References2
OSV
OSV
added 2024/09/25 1:15 a.m.5 views

CVE-2023-26689

An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request...

9.8CVSS5.9AI score0.0062EPSS
Exploits1References1
OSV
OSV
added 2024/09/25 1:15 a.m.4 views

CVE-2023-26690

File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via File Manager/Editor component in the vendor or admin menu...

8.8CVSS6AI score0.00684EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2024/09/25 1:15 a.m.2 views

CVE-2023-26686

File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the image upload feature when customizing a shop...

9.8CVSS6.2AI score0.00711EPSS
Exploits1References3
OSV
OSV
added 2024/09/25 1:15 a.m.4 views

CVE-2023-26688

Cross Site Scripting XSS vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the productdata parameter of add/edit product in the administration interface...

5.4CVSS6AI score0.00423EPSS
Exploits1References2
NVD
NVD
added 2024/09/25 1:15 a.m.15 views

CVE-2023-26686

File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the image upload feature when customizing a shop...

9.8CVSS0.00711EPSS
Exploits1References2
NVD
NVD
added 2024/09/25 1:15 a.m.13 views

CVE-2023-26689

An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request...

9.8CVSS0.0062EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.5 views

CS-Cart 安全漏洞

CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. An attacker exploited the vulnerability to change arbitrary user account profiles via a specially crafted request...

9.8CVSS6.8AI score0.0062EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.5 views

CS-Cart 安全漏洞

CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. A remote attacker can exploit the vulnerability to run arbitrary code...

8.8CVSS7AI score0.00684EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.5 views

CS-Cart 安全漏洞

CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. A remote attacker can exploit the vulnerability to run arbitrary code...

7.2CVSS7AI score0.01245EPSS
Exploits1References3
Rows per page
Query Builder