Arbitrary PHP Code Execution Vulnerability in CS-Cart 4.6.2 and Earlier

Arbitrary PHP Code Execution Vulnerability in CS-Cart 4.6.2 and Earlier

CVE-2017-15673 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page.

Learn more about our Web Application Penetration Testing UK.