Cross-Site Scripting Vulnerabilities in CS-Cart by CS-Cart
CVE-2013-7317

Currently unrated

Key Information:

Vendor: Cs-cart
Status: Cs-cart
Vendor: CVE Published:; 24 January 2014

What is CVE-2013-7317?

Multiple vulnerabilities exist in CS-Cart affecting versions prior to 4.1.1, allowing remote attackers to exploit flaws in the settings_file and data_file parameters. Through these vulnerabilities, attackers can inject arbitrary web scripts or HTML into various components, including ampie.swf, amline.swf, and amcolumn.swf, potentially compromising the integrity of the web application and its users.

References

http://www.kb.cert.org/vuls/id/405942

third-party-advisoryx_refsource_CERT-VN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 24, 2014

Cs-cart

What is CVE-2013-7317?

References

Timeline