Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hucart vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-18475
Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The first user inserts a malicious script into the header field of the outbox and sends it to other users. When other users open the email, the malicious code will be executed.
Hucart Hucart 5.7.4
8.8
CVSSv3
CVE-2020-18476
SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the avatar usd_image field.
Hucart Hucart 5.7.4
8.8
CVSSv3
CVE-2020-18477
SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the Message con_content field.
Hucart Hucart 5.7.4
5.4
CVSSv3
CVE-2020-18158
Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php.
Hucart Hucart 5.7.4
8.8
CVSSv3
CVE-2019-6249
An issue exists in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.
Hucart Hucart 5.7.4
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2018-19468
HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI.
Hucart Hucart 5.7.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started