Cs-Cart: >> Cs-Cart >> 4.1.5 Security Vulnerabilities
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page.
CVSS Score
7.2
EPSS Score
0.004
Published
2017-11-28
Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers.
CVSS Score
8.8
EPSS Score
0.024
Published
2017-04-20