Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hucart hucart 5.7.4 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-18475
Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The first user inserts a malicious script into the header field of the outbox and sends it to other users. When other users open the email, the malicious code will be executed.
Hucart Hucart 5.7.4
8.8
CVSSv3
CVE-2020-18476
SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the avatar usd_image field.
Hucart Hucart 5.7.4
8.8
CVSSv3
CVE-2020-18477
SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the Message con_content field.
Hucart Hucart 5.7.4
5.4
CVSSv3
CVE-2020-18158
Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php.
Hucart Hucart 5.7.4
8.8
CVSSv3
CVE-2019-6249
An issue exists in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.
Hucart Hucart 5.7.4
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2018-19468
HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI.
Hucart Hucart 5.7.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started