Vulnerabilities > CS Cart > CS Cart > 4.1.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-28 | CVE-2017-15673 | Unrestricted Upload of File with Dangerous Type vulnerability in Cs-Cart The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page. | 9.0 |
| 2017-04-20 | CVE-2016-4862 | Improper Input Validation vulnerability in Cs-Cart Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers. | 6.5 |