RSS   Vulnerabilities for 'S-cart'   RSS

2022-02-11
 
CVE-2021-44111

CWE-22
 

 
A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup.

 
2021-11-01
 
CVE-2021-38847

CWE-434
 

 
S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted IMG file.

 
2020-12-15
 
CVE-2020-28457

CWE-79
 

 
This affects the package s-cart/core before 4.4. The search functionality of the admin dashboard in core/src/Admin/Controllers/AdminOrderController.phpindex is vulnerable to XSS.

 
 
CVE-2020-28456

CWE-79
 

 
The package s-cart/core before 4.4 are vulnerable to Cross-site Scripting (XSS) via the admin panel.

 


Copyright 2024, cxsecurity.com

 

Back to Top