Описание
The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information (via action=export) because a typo results in a successful comparison of a blank password and NULL.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:shipstation:shipstation:1.0:*:*:*:*:cs-cart:*:*
EPSS
Процентиль: 26%
0.00092
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
почти 3 года назад
The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information (via action=export) because a typo results in a successful comparison of a blank password and NULL.
EPSS
Процентиль: 26%
0.00092
Низкий
7.5 High
CVSS3
Дефекты
NVD-CWE-noinfo