Vulnerabilities > Hucart

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-26	CVE-2020-18475	Cross-site Scripting vulnerability in Hucart 5.7.4 Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. network hucart CWE-79	3.5
2021-08-26	CVE-2020-18476	SQL Injection vulnerability in Hucart 5.7.4 SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the avatar usd_image field. network low complexity hucart CWE-89	6.5
2021-08-26	CVE-2020-18477	SQL Injection vulnerability in Hucart 5.7.4 SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the Message con_content field. network low complexity hucart CWE-89	6.5
2021-07-30	CVE-2020-18158	Cross-site Scripting vulnerability in Hucart 5.7.4 Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php. network hucart CWE-79	3.5
2019-01-13	CVE-2019-6249	Cross-Site Request Forgery (CSRF) vulnerability in Hucart 5.7.4 An issue was discovered in HuCart v5.7.4. network hucart CWE-352	6.8
2018-11-23	CVE-2018-19468	SQL Injection vulnerability in Hucart 5.7.4 HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI. network low complexity hucart CWE-89	7.5

Vulnerabilities > Hucart {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hucart"}]}