6 matches found
CVE-2019-16123
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure...
CVE-2019-16123
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure...
CVE-2019-16123
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure...
Arbitrary file deletion
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure...
CVE-2019-16123
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure...
PT-2019-14525 · Kartatopia · Kartatopia Piluscart
Name of the Vulnerable Software and Affected Versions: Kartatopia PilusCart version 1.4.1 Description: The issue arises from the mishandling of the filename parameter in the "catalog.php" file, resulting in a Local File Disclosure vulnerability. This allows for the disclosure of sensitive files o...