CVE-2017-2139

Summary

CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to bypass access restriction to obtain customer information via orders.pre.php.

Affected Software

VendorProductVersion RangeStatus
Frogman Office Inc.CS-Cart Japanese Editionv4.3.10 and earlier (excluding v2 and v3)affected
Frogman Office Inc.CS-Cart Multivendor Japanese Editionv4.3.10 and earlier (excluding v2 and v3)affected

Weaknesses

  • Fails to restrict access

ADP Enrichment

CVE Program Container

Additional References

References