Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
litecart vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2014-7183
Multiple cross-site scripting (XSS) vulnerabilities in the search.php in LiteCart 1.1.2.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) query parameter or (2) QUERY_STRING.
Litecart Litecart
578
VMScore
CVE-2018-12256
admin/vqmods.app/vqmods.inc.php in LiteCart prior to 2.1.3 allows remote authenticated malicious users to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?app=vqmods&doc=vqmods request.
Litecart Litecart
445
VMScore
CVE-2020-9018
LiteCart up to and including 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.
Litecart Litecart
534
VMScore
CVE-2020-9017
LiteCart up to and including 2.2.1 allows CSV injection via a customer's profile.
Litecart Litecart
445
VMScore
CVE-2018-10827
LiteCart prior to 2.1.2 allows remote malicious users to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request.
Litecart Litecart
383
VMScore
CVE-2022-27168
Cross-site scripting vulnerability in LiteCart versions before 2.4.2 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Litecart Litecart
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started