Lucene search
Spa-cartSpa-cart
2 matches found
CVE-2023-43149
SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status.
8.8CVSS8.7AI score0.00773EPSS
CVE-2023-43148
SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts.
8.1CVSS8.1AI score0.00758EPSS