Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Piluscart
(Kartatopia)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 2 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-09-09 | CVE-2019-16123 | In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure. | Piluscart | 7.5 | ||
2019-03-14 | CVE-2019-9769 | PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator. | Piluscart | 8.8 |