Remote Code Execution in Twigmo bundled with CS-Cart 4.3.9 and earlier

Remote Code Execution in Twigmo bundled with CS-Cart 4.3.9 and earlier

CVE-2016-4862 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers.

Learn more about our Cis Benchmark Audit For Server Software.