CVE-2025-50849 | CS Cart up to 4.18.3 company_id resource injection

Inserito da Angelo Barbosa | Lug 31, 2025 | CVE

A vulnerability was found in CS Cart up to 4.18.3. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument company_id leads to improper control of resource identifiers.

This vulnerability is handled as CVE-2025-50849. The attack may be launched remotely. There is no exploit available.

CVE-2025-50849 | CS Cart up to 4.18.3 company_id resource injection

Post correlati

CVE-2024-1804 | Tutor LMS Plugin up to 2.2.0 on WordPress tutor_import_from_xml authorization

CVE-2025-4171 | WZ Followed Posts Plugin up to 3.1.0 on WordPress Shortcode wfp cross site scripting

CVE-2024-6315 | Blox Page Builder Plugin up to 1.0.65 on WordPress unrestricted upload

CVE-2024-13826 | Email Keep Plugin up to 1.1 on WordPress Setting cross-site request forgery