3 matches found
CVE-2016-4862
Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers...
CVE-2016-4862
Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers...
CVE-2016-4862
The CVE-2016-4862 issue affects the Twigmo add-on shipped with CS-Cart v4.3.9 and earlier (and CS-Cart Multi-Vendor v4.3.9 and earlier). The vulnerability is a PHP object injection flaw caused by unserializing untrusted input in Twigmo, enabling a remote authenticated user to execute arbitrary PH...