Описание
CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.10 (включая)Версия до 4.3.10 (включая)
Одно из
cpe:2.3:a:frogman_office_inc:cs-cart:*:*:*:*:japanese_edition:*:*:*
cpe:2.3:a:frogman_office_inc:cs-cart:*:*:*:*:multivendor_japanese_edition:*:*:*
EPSS
Процентиль: 36%
0.00153
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php.
EPSS
Процентиль: 36%
0.00153
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425