Vulnerabilities > Expresscart Project

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-15	CVE-2018-12457	Incorrect Permission Assignment for Critical Resource vulnerability in Expresscart Project Expresscart expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header. network low complexity expresscart-project CWE-732	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Expresscart Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Expresscart Project"}]}

Vulnerabilities > Expresscart Project