Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litecart vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-12256
admin/vqmods.app/vqmods.inc.php in LiteCart prior to 2.1.3 allows remote authenticated malicious users to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?app=vqmods&doc=vqmods request.
Litecart Litecart
4.3
CVSSv2
CVE-2022-27168
Cross-site scripting vulnerability in LiteCart versions before 2.4.2 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Litecart Litecart
5
CVSSv2
CVE-2020-9018
LiteCart up to and including 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.
Litecart Litecart
6
CVSSv2
CVE-2020-9017
LiteCart up to and including 2.2.1 allows CSV injection via a customer's profile.
Litecart Litecart
5
CVSSv2
CVE-2018-10827
LiteCart prior to 2.1.2 allows remote malicious users to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request.
Litecart Litecart
4.3
CVSSv2
CVE-2014-7183
Multiple cross-site scripting (XSS) vulnerabilities in the search.php in LiteCart 1.1.2.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) query parameter or (2) QUERY_STRING.
Litecart Litecart
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started