Kartatopia CVE - CVE Search - CVE Details

Filtered by vendor Kartatopia Subscribe

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-16123	1 Kartatopia	1 Piluscart	2019-09-09	5.0 MEDIUM	7.5 HIGH
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.
CVE-2019-9769	1 Kartatopia	1 Piluscart	2019-03-14	6.8 MEDIUM	8.8 HIGH
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator.

Vulnerabilities (CVE)