exploitDog

CVE-2015-0951

Опубликовано: 05 апр. 2015

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary accounts via a modified (1) update or (2) remove request.

Ссылки

http://www.kb.cert.org/vuls/id/924124
Third Party Advisory
US Government Resource
https://blog.x-cart.com/5-1-11-released.html
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/924124
Third Party Advisory
US Government Resource
https://blog.x-cart.com/5-1-11-released.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qualiteam:x-cart:*:*:*:*:*:*:*:*

Версия до 5.1.10 (включая)

EPSS

Процентиль: 60%

0.00403

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-j3jv-5gvr-8grv

github

больше 3 лет назад

X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary accounts via a modified (1) update or (2) remove request.

EPSS

Процентиль: 60%

0.00403

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-264