Aitor Herrero Fuentes

CVE-2023-43148 NOMISEC HIGH WORKING POC

SPA-Cart 1.9.0.3 - CSRF

SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts.

1 stars

CVSS 8.1

View Code

CVE-2023-43149 NOMISEC HIGH WORKING POC

SPA-Cart 1.9.0.3 - CSRF

SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status.

1 stars

CVSS 8.8

View Code