Skip to main content

Hucart

2 CVEs product

Monthly

CVE-2019-6249 HIGH POC This Week

An issue was discovered in HuCart v5.7.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Hucart
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.0%
CVE-2018-19468 CRITICAL POC Act Now

HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hucart
NVD
CVSS 3.0
9.8
EPSS
1.1%
EPSS 3% CVSS 8.8
HIGH POC This Week

An issue was discovered in HuCart v5.7.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Hucart
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hucart
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy