CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3) Customer Information Disclosure Vulnerability

CVE-2017-2139 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php.

Learn more about our Web Application Penetration Testing UK.