Vulnerabilities > Litecart > Litecart > 2.1.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-11 | CVE-2022-27168 | Cross-site Scripting vulnerability in Litecart Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors. | 4.3 |
2020-02-25 | CVE-2020-9018 | Cross-Site Request Forgery (CSRF) vulnerability in Litecart LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user. | 5.0 |
2020-02-25 | CVE-2020-9017 | Injection vulnerability in Litecart LiteCart through 2.2.1 allows CSV injection via a customer's profile. | 6.0 |