MidnightBSD

Advisories for expresscart_project

CVE-2018-12457 MEDIUM

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-732,

Products Affected

Vendor Product Version
expresscart_project expresscart *