S-Cart is vulnerable to directory traversal. The vulnerability exists due to a lack of sanitization of the input via the download function allowing an attacker to download arbitrary file via the download request.
CPE | Name | Operator | Version |
---|---|---|---|
s-cart/s-cart | le | v6.7.1 | |
s-cart/s-cart | le | v6.7.1 |