A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the argument email leads to observable behavioral discrepancy.

This vulnerability is traded as CVE-2024-6129. It is possible to launch the attack remotely. Furthermore, there is an exploit available.