Home- X-Cart 5 Modules
- X-Cart security and spam
- X-Cart Templates
- X-Cart Mobile
- X-Cart Category Navigation
- X-Cart Mods
- X-cart SEO
- X-Cart Checkout
- x-cart Shopping Feeds
- Promos & Sales
- X-Cart Administration
- X-Cart Appearance
- X-Cart Conversion
- X-Cart Customers
- X-Cart Marketing
- X-Cart Navigation
- X-Cart Shipping Tools
- Install Services
- X-Cart Software, Extensions and Modules
- Website Promotion
Installation of X-Cart security patch 2015-04-28
Installation of X-Cart security patch 2015-04-28
AFFECTED VERSIONS:
All X-Cart versions from 4.0.19 through 4.7.1
SEVERITY:
High
IMPACT:
• XSS vulnerability on the order search page (4.7.0 and 4.7.1 only);
• XSS vulnerability on the registration page (versions 4.7.1 and earlier);
• XSS vulnerability for the Customer_Reviews/Advanced_Customer_Reviews modules (versions 4.7.1 and earlier);
• XSS Smarty vulnerability (versions 4.6.1 and earlier);
• XSS vulnerability for the Product_Configurator(Product Wizard) module (versions 4.6.1 and earlier);
• Posible SQL injection on the cart page (versions 4.7.1 and earlier);
• Hacker can gain full access to the store's Admin back end in some cases for Platinum/Pro editions (versions 4.6.4 and earlier);
• X-Cart Protected Mode does not work in some cases (versions 4.6.4 and earlier);
AFFECTED VERSIONS:
All X-Cart versions from 4.0.19 through 4.7.1
SEVERITY:
High
IMPACT:
• XSS vulnerability on the order search page (4.7.0 and 4.7.1 only);
• XSS vulnerability on the registration page (versions 4.7.1 and earlier);
• XSS vulnerability for the Customer_Reviews/Advanced_Customer_Reviews modules (versions 4.7.1 and earlier);
• XSS Smarty vulnerability (versions 4.6.1 and earlier);
• XSS vulnerability for the Product_Configurator(Product Wizard) module (versions 4.6.1 and earlier);
• Posible SQL injection on the cart page (versions 4.7.1 and earlier);
• Hacker can gain full access to the store's Admin back end in some cases for Platinum/Pro editions (versions 4.6.4 and earlier);
• X-Cart Protected Mode does not work in some cases (versions 4.6.4 and earlier);
INFORMATION
MY ACCOUNT
CONTACT US
-
LOCATION:
Santiago de Compostela
Galicia
N.W. Spain
-
TIME ZONE:
GMT +1 -
EMAIL
Contact Us
Copyright © 2003-2020 X-Cart Solution Center