Vulnerabilities > S Cart

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-01	CVE-2022-21149	Cross-site Scripting vulnerability in S-Cart The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie. network low complexity s-cart CWE-79	3.5
2022-02-11	CVE-2021-44111	Path Traversal vulnerability in S-Cart A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup. local low complexity s-cart CWE-22	4.4
2021-11-01	CVE-2021-38847	Unrestricted Upload of File with Dangerous Type vulnerability in S-Cart S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. network low complexity s-cart CWE-434	8.8
2020-12-15	CVE-2020-28457	Cross-site Scripting vulnerability in S-Cart This affects the package s-cart/core before 4.4. network low complexity s-cart CWE-79	4.8
2020-12-15	CVE-2020-28456	Cross-site Scripting vulnerability in S-Cart The package s-cart/core before 4.4 are vulnerable to Cross-site Scripting (XSS) via the admin panel. network low complexity s-cart CWE-79	6.1

Vulnerabilities > S Cart {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"S Cart"}]}