Vulnerability Details CVE-2021-43158
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.8%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
- https://github.com/projectworldsofficial/online-shopping-webvsite-in-php/issues/2
- https://projectworlds.in/free-projects/php-projects/free-download-online-shopping-system/
- https://github.com/projectworldsofficial/online-shopping-webvsite-in-php/issues/2
- https://projectworlds.in/free-projects/php-projects/free-download-online-shopping-system/
Products affected by CVE-2021-43158
-
cpe:2.3:a:projectworlds:online_shopping_system_in_php:1.0