X-Cart 5.0.10 < 5.2.18 Open Redirect

According to the self-reported version in its response header, the version of X-Cart hosted on the remote web server is 5.0.10 5.2.18. It is, therefore, affected by a vulnerability in the redirect functionality. Note that the scanner has not tested for these issues but has instead relied only on...

Qualiteam X-Cart 4.0.8 - &#039;product.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remote attackers to pass malicious inpu...

xcart343.txt

X-Cart ttp://www.x-cart.comis a well distributed PHP e-commerce solution. We have discovered some security related bugs in X-Cart Version 3.4.3. It is possible that other versions are vulnerable too. Any visitor can view any file on the web server. This URL my be used as proof of concept:...

Qualiteam X-Cart 3.x - upgrade.php?perl_binary Arbitrary Command Execution

Qualiteam X-Cart 3.x - upgrade.php?perlbinary Arbitrary Command Execution source: https://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of...