Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HCs Cart
APPCs-Cart≤ 4.3.10Cs Cart Multivendor
APPCs-Cart≤ 4.3.10
Related vulnerabilities
Niebezpieczne przesyłanie plików w CS-Cart MultiVendor umożliwia RCE
CS-Cart MultiVendor — nieautoryzowana modyfikacja profili użytkowników przez API
An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security contr...
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via File...
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain sensitive in...