Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/08/02 8:24 p.m.11 views

CVE-2025-50849

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...

8CVSS6.2AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2025/07/31 3:15 p.m.6 views

CVE-2025-50849

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...

8CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2025/07/31 12:0 a.m.20 views

CVE-2025-50849

CS Cart 4.18.3 is affected by CVE-2025-50849: an Insecure Direct Object Reference (IDOR) in the user profile function via the company_id parameter allows an authenticated user to alter another user’s sticker setting due to insufficient server-side validation. Root cause: improper validation of ob...

8CVSS6.3AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/31 12:0 a.m.5 views

CVE-2025-50849

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...

6.9AI score0.00251EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/31 12:0 a.m.13 views

CVE-2025-50849

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference IDOR. The user profile functionality allows enabling or disabling stickers through a parameter companyid sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate...

0.00251EPSS
Exploits0References1
Rows per page
Query Builder