X-Cart 3.4.3 allows remote attackers to gain sensitive information via a mode parameter with (1) phpinfo command or (2) perlinfo command.
Max CVSS
5.0
EPSS Score
2.39%
Published
2004-11-23
Updated
2017-07-11
X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.
Max CVSS
10.0
EPSS Score
6.60%
Published
2004-11-23
Updated
2017-07-11
Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. (dot dot) in the shop_closed_file argument to auth.php.
Max CVSS
5.0
EPSS Score
2.20%
Published
2004-11-23
Updated
2017-07-11
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!