Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Kartatopia Subscribe
Filtered by product Piluscart
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16123 1 Kartatopia 1 Piluscart 2019-09-09 5.0 MEDIUM 7.5 HIGH
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.
CVE-2019-9769 1 Kartatopia 1 Piluscart 2019-03-14 6.8 MEDIUM 8.8 HIGH
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator.