IDCVSSSummaryLast (major) updatePublished
CVE-2018-19468 7.5
HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI.
19-12-2018 - 15:06 23-11-2018 - 05:29
CVE-2019-6249 6.8
An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.
16-01-2019 - 20:29 13-01-2019 - 15:29
Back to Top Mark selected
Back to Top