CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in X-Cart 4.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to install/...

4.3CVSS5.9AI score0.01477EPSS

Exploits1References1

Tenable Nessus•added 2021/07/09 12:0 a.m.•9 views

X-Cart Concierge Module Information Disclosure

X-Cart Concierge module has been detected on the target X-Cart installation. This may present an attacker with sensitive information to mount further attacks & may leak the admin account email used to log into the store, official company name, license type of the store and other sensitive data No...

6.8AI score

Exploits0References2

Tenable Nessus•added 2021/07/08 12:0 a.m.•14 views

X-Cart 5.0.10 < 5.3.6.8 Deserialization Vulnerability

According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 5.0.10 5.3.6.8, 5.4.0.x 5.4.0.13 or 5.4.1.x 5.4.1.8. It is, therefore, affected by a vulnerability in the cookie viewedResources handling leading to insecure deserialization and...

7.5AI score

Exploits0References1

Tenable Nessus•added 2021/07/08 12:0 a.m.•15 views

X-Cart 5.4.1.x < 5.4.1.8 Deserialization Vulnerability

7.5AI score

Exploits0References1

Tenable Nessus•added 2021/07/08 12:0 a.m.•13 views

X-Cart 5.0.10 < 5.2.18 Open Redirect

According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 5.0.10 5.2.18. It is, therefore, affected by a vulnerability in the redirect functionality. Note that the scanner has not tested for these issues but has instead relied only on...

7.2AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by