Vulnerabilities > Kartatopia

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-09 | CVE-2019-16123 | Path Traversal vulnerability in Kartatopia Piluscart 1.4.0/1.4.1. In Kartatopia PilusCart 1.4.1, the parameter `filename` in the file `catalog.php` is mishandled, leading to `../` Local File Disclosure. | 7.5 (network, low complexity; kartatopia; CWE-22) |
| 2019-03-14 | CVE-2019-9769 | Cross-Site Request Forgery (CSRF) vulnerability in Kartatopia Piluscart 1.4.1. PilusCart 1.4.1 is vulnerable to `index.php?module=users&action=newUser` CSRF, leading to the addition of a new user as administrator. | 8.8 (network, low complexity; kartatopia; CWE-352) |