Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litecart litecart vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-9018
LiteCart up to and including 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.
Litecart Litecart
4.3
CVSSv2
CVE-2014-7183
Multiple cross-site scripting (XSS) vulnerabilities in the search.php in LiteCart 1.1.2.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) query parameter or (2) QUERY_STRING.
Litecart Litecart
6
CVSSv2
CVE-2020-9017
LiteCart up to and including 2.2.1 allows CSV injection via a customer's profile.
Litecart Litecart
4.3
CVSSv2
CVE-2022-27168
Cross-site scripting vulnerability in LiteCart versions before 2.4.2 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Litecart Litecart
5
CVSSv2
CVE-2018-10827
LiteCart prior to 2.1.2 allows remote malicious users to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request.
Litecart Litecart
6.5
CVSSv2
CVE-2018-12256
admin/vqmods.app/vqmods.inc.php in LiteCart prior to 2.1.3 allows remote authenticated malicious users to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?app=vqmods&doc=vqmods request.
Litecart Litecart
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started