CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in X-Cart 4.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to install/...

4.3CVSS5.9AI score0.00225EPSS

Exploits1References1

Tenable Nessus•added 2021/07/09 12:0 a.m.•8 views

X-Cart Concierge Module Information Disclosure

X-Cart Concierge module has been detected on the target X-Cart installation. This may present an attacker with sensitive information to mount further attacks & may leak the admin account email used to log into the store, official company name, license type of the store and other sensitive data No...

6.8AI score

Exploits0References2

Tenable Nessus•added 2021/07/08 12:0 a.m.•10 views

X-Cart 5.0.10 < 5.3.6.5 Multiple Vulnerabilities

According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 5.0.10 5.3.6.5. It is, therefore, affected by various security issues in the Core, GoSocial, ThemeTweaker & RESTAPI modules. Note that the scanner has not tested for these issue...

7.5AI score

Exploits0References1

Tenable Nessus•added 2021/07/08 12:0 a.m.•11 views

X-Cart 4.4.0 < 4.7.11 Multiple Vulnerabilities

According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 4.4.0 4.7.10. It is, therefore, affected by multiples vulnerabilities : - A SQL injection vulnerability. - A Cross-Site Scripting XSS against embedded jQuery component. Note tha...

7.6AI score

Exploits0References1

Tenable Nessus•added 2021/07/08 12:0 a.m.•14 views

X-Cart 5.4.1.x < 5.4.1.8 Deserialization Vulnerability

According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 5.0.10 5.3.6.8, 5.4.0.x 5.4.0.13 or 5.4.1.x 5.4.1.8. It is, therefore, affected by a vulnerability in the cookie viewedResources handling leading to insecure deserialization and...

7.5AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by