Cs-cart@4.18.3 Security Vulnerabilities and Issues — Cs-cart@4.18.3 CVE List

Lucene search

Cs-cartCs-cart4.18.3

3 matches found

cve•added 2025/07/31 4:15 p.m.•5 views

CVE-2025-50847

Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP request.

6.5CVSS7.1AI score0.00054EPSS

cve•added 2025/07/31 4:15 p.m.•5 views

CVE-2025-50848

A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS Cart 4.18.3 allows unrestricted upload of HTML files, which are rendered directly in the browser when accessed. This allows an attacker to upload a crafted HTML file containing malicious con...

6.1CVSS6.4AI score0.00039EPSS

cve•added 2025/07/31 4:15 p.m.•4 views

CVE-2025-50850

An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA verification and rate limiting. This allows an attacker to systematically attempt various combinations of usernames and passwords (brute-force attack) to gain unauthoriz...

8.6CVSS7.4AI score0.00058EPSS