Qualiteam : Security Vulnerabilities, CVEs, Published In 2004 CVSS score >= 3
X-Cart 3.4.3 allows remote attackers to gain sensitive information via a mode parameter with (1) phpinfo command or (2) perlinfo command.
Max CVSS
5.0
EPSS Score
2.39%
Published
2004-11-23
Updated
2017-07-11
X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.
Max CVSS
10.0
EPSS Score
9.04%
Published
2004-11-23
Updated
2017-07-11
Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. (dot dot) in the shop_closed_file argument to auth.php.
Max CVSS
5.0
EPSS Score
3.09%
Published
2004-11-23
Updated
2017-07-11
3 vulnerabilities found