3 matches found
CVE-2018-12457
expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...
CVE-2018-12457
expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...
CVE-2018-12457
CVE-2018-12457 affects Express-Cart up to version 1.1.6. A remote attacker can create an admin user by exploiting a Referer header to /admin/setup, enabling unauthorized admin account creation. Descriptions across multiple sources confirm the same issue; no explicit exploit details beyond the hea...