12 matches found

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2008-1462

Malware in sbrugna...

CVSS 4.3 | AI score 6.4 | EPSS 0.01511
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-2526

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.00538
Exploits: 0 | References: 3

RedhatCVE
added 2025/08/02 8:24 p.m. | 9 views

CVE-2025-50847

Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3 allows attackers to add products to a user's comparison list via a crafted HTTP request...

CVSS 6.5 | AI score 6.4 | EPSS 0.00137
Exploits: 0 | References: 1

CVE
added 2025/07/31 12:0 a.m. | 18 views

CVE-2025-50849

CS Cart 4.18.3 is affected by CVE-2025-50849: an Insecure Direct Object Reference (IDOR) in the user profile function via the company_id parameter allows an authenticated user to alter another user’s sticker setting due to insufficient server-side validation. Root cause: improper validation of ob...

CVSS 8 | AI score 6.3 | EPSS 0.00249
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/22 4:53 p.m. | 4 views

CVE-2020-9009

The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...

CVSS 3.7 | AI score 6.9 | EPSS 0.00633
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 4:6 a.m. | 8 views

CVE-2013-7317

Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settingsfile or (2) datafile parameter to (a) ampie.swf, (b) amline.swf, or (c) amcolumn.swf...

CVSS 4.3 | AI score 6 | EPSS 0.01012
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 3:5 a.m. | 7 views

CVE-2013-0118

CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self...

CVSS 5 | AI score 6.8 | EPSS 0.01724
Exploits: 0 | References: 1

CNNVD
added 2024/09/25 12:0 a.m. | 3 views

CS-Cart security vulnerability

CS-Cart is an e-commerce platform from CS-Cart Inc. A security vulnerability exists in CS-Cart version 4.16.1. An attacker exploited the vulnerability to change arbitrary user account profiles via a specially crafted request...

CVSS 9.8 | AI score 6.8 | EPSS 0.00602
Exploits: 1 | References: 2

Vulnrichment
added 2023/04/11 12:0 a.m. | 5 views

CVE-2020-9009

The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary information into the database via action=shipnotify because access to this endpoint is completely unchecked. The attacker must guess an order number...

AI score 4.3 | EPSS 0.00633
Exploits: 1 | References: 2

Vulnrichment
added 2023/03/28 12:0 a.m. | 8 views

CVE-2020-8889

The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information via action=export because a typo results in a successful comparison of a blank password and NULL...

AI score 7.4 | EPSS 0.01004
Exploits: 1 | References: 2

Packet Storm
added 2017/11/23 12:0 a.m. | 4026 views

CS Cart 4.6.2 Shell Upload

Summary: CSC Cart is a PHP-based shopping cart software, which is hosted either locally or by the company csc-cart company. It has a vulnerability in the administration section, which allows full remote code execution on the server. This has been allocated CVE-2017-15673. Vendor of Product...

AI score 7.1 | EPSS 0.01938
Exploits: 3

Prion
added 2015/03/25 2:59 p.m. | 12 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of users for requests that change a user password via a request to profiles-update/...

CVSS 6.8 | AI score 7.7 | EPSS 0.02749
Exploits: 1 | References: 3 | Affected Software: 1