Vulnerabilities > Litecart > Litecart > 2.1.3

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-27168 Cross-site Scripting vulnerability in Litecart
Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.
network
litecart CWE-79
4.3
4.3
2020-02-25 CVE-2020-9018 Cross-Site Request Forgery (CSRF) vulnerability in Litecart
LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.
network
low complexity
litecart CWE-352
5.0
5.0
2020-02-25 CVE-2020-9017 Injection vulnerability in Litecart
LiteCart through 2.2.1 allows CSV injection via a customer's profile.
network
litecart CWE-74
6.0
6.0