phpcart.php in PHPCart 3.2 allows remote malicious users to change product price information by modifying the (1) price or (2) postage parameters. NOTE: it was later reported that 3.4 up to and including 4.6.4 are also affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpcart phpcart 3.2 |
||
phpcart phpcart 3.4 |
||
phpcart phpcart 4.6.4 |