Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litecart litecart vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2018-12256
admin/vqmods.app/vqmods.inc.php in LiteCart prior to 2.1.3 allows remote authenticated malicious users to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?app=vqmods&doc=vqmods request.
Litecart Litecart
445
VMScore
CVE-2018-10827
LiteCart prior to 2.1.2 allows remote malicious users to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request.
Litecart Litecart
383
VMScore
CVE-2022-27168
Cross-site scripting vulnerability in LiteCart versions before 2.4.2 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Litecart Litecart
383
VMScore
CVE-2014-7183
Multiple cross-site scripting (XSS) vulnerabilities in the search.php in LiteCart 1.1.2.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) query parameter or (2) QUERY_STRING.
Litecart Litecart
534
VMScore
CVE-2020-9017
LiteCart up to and including 2.2.1 allows CSV injection via a customer's profile.
Litecart Litecart
445
VMScore
CVE-2020-9018
LiteCart up to and including 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.
Litecart Litecart
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started