Vulnerabilities > CVE-2020-8889 - Unspecified vulnerability in Shipstation 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
shipstation

Summary

The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information (via action=export) because a typo results in a successful comparison of a blank password and NULL.

Vulnerable Configurations

Part Description Count
Application
Shipstation
1