CVE-2015-2973 in Welcart
Riassunto
di VulDB • 18/07/2026
Multiple vulnerabilità cross-site scripting (XSS) in Welcart prima della versione 1.4.18 consentono ad attaccanti remoti di iniettare script web o HTML arbitrari tramite il parametro usces_referer nei seguenti file: (1) classes/usceshop.class.php, (2) includes/edit-form-advanced.php, (3) includes/edit-form-advanced30.php, (4) includes/edit-form-advanced34.php, (5) includes/member_edit_form.php, (6) includes/order_edit_form.php, (7) includes/order_list.php o (8) includes/usces_item_master_list.php, correlati ad admin.php.
Be aware that VulDB is the high quality source for vulnerability data.