Qualiteam X-Cart 3.5.0

CPE Details

Qualiteam X-Cart 3.5.0
qualiteam
x-cart
3.5.0
2007-09-18
21h57 +00:00
2012-09-03
13h08 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:qualiteam:x-cart:3.5.0:*:*:*:*:*:*:*

Informations

Vendor

qualiteam

Product

x-cart

Version

3.5.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-7220 2019-06-06 13h57 +00:00 X-Cart V5 is vulnerable to XSS via the CategoryFilter2 parameter.
6.1
Medium
CVE-2015-5455 2015-07-08 15h00 +00:00 Cross-site scripting (XSS) vulnerability in X-Cart 4.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to install/.
4.3
CVE-2015-0951 2015-04-04 23h00 +00:00 X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary accounts via a modified (1) update or (2) remove request.
6.5
CVE-2015-1178 2015-01-26 14h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in cart.php in X-Cart 5.1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) product_id or (2) category_id parameter.
4.3
CVE-2007-4907 2007-09-17 14h00 +00:00 Multiple PHP remote file inclusion vulnerabilities in X-Cart allow remote attackers to execute arbitrary PHP code via a URL in the xcart_dir parameter to (1) config.php, (2) prepare.php, (3) smarty.php, (4) customer/product.php, (5) provider/auth.php, and (6) admin/auth.php.
7.5
CVE-2006-4904 2006-09-20 22h00 +00:00 Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam X-Cart 4.1.3 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code, as demonstrated by PHP remote file inclusion via the xcart_dir parameter.
7.5