Cross site scripting

Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-10886

Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-10886

Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-2138

Cross-site request forgery CSRF vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVE-2017-2138

Cross-site request forgery CSRF vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVE-2017-2138

CVE-2017-2138 affects CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2/v3) and CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2/v3). It is a cross-site request forgery (CSRF) vulnerability that allows remote attackers to hijack the authentication of administrators ...

CVE-2017-2143

CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php...

CVE-2017-2139

CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php...

Design/Logic Flaw

CS-Cart Japanese Edition v4.3.10 and earlier excluding v2 and v3, CS-Cart Multivendor Japanese Edition v4.3.10 and earlier excluding v2 and v3 allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php...

CVE-2017-2139

CS-Cart Japanese Edition (and CS-Cart Multivendor Japanese Edition) versions up to 4.3.10 are affected. The issue allows remote attackers to bypass access restrictions (CWE-425) and obtain customer information via orders.pre.php. Impact is unauthenticated access to consumer data (e.g., name and s...

phpHoo3 <= 5.2.6 - (phpHoo3.php viewCat) SQL injection Vulnerability

No description provided by source. Viva IslaM Viva IslaM Remote SQL injection Vulnerability phpHoo3 V 4.4.8 - 4.3.9 - 4.3.10 - 5.2.6 - phpHoo3.php viewCat AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM && WwW.AtsDp.CoM/f Email : [email protected] SYRiAN Arab HACkErS -: Exploites for versions :- V4.4.8...

webshell431-xssxsrf.txt

======================================================================= . .. | | / / | | | | / \ / / /\ / / \ | | | / / \ /\ \| | / // / /\ \ / / / // http://www.lowsec.org ========================================================================...