Vulnerability in Qualiteam X-cart
CVE-2015-0951
X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary accounts via a modified (1) update or (2) remove request.
EPSS: 0.013 (66.4th percentile) — read the EPSS interpretation.
Affected products
- Qualiteam X-cart
- N/a — versions n/a
Weakness classification (CWE)
References
- cret@cert.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
- cret@cert.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)