Skip to main content

Expresscart

1 CVEs product

Monthly

CVE-2018-12457 npm HIGH PATCH This Week

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Expresscart
NVD GitHub
CVSS 3.0
8.8
EPSS
1.9%
EPSS 2% CVSS 8.8
HIGH PATCH This Week

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Expresscart
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy