CVE-2017-2143

Summary

CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.

Affected Software

VendorProductVersion RangeStatus
Frogman Office Inc.CS-Cart Japanese Editionv4.3.10-jp-1 and earlieraffected
Frogman Office Inc.CS-Cart Multivendor Japanese Editionv4.3.10-jp-1 and earlieraffected

Weaknesses

  • Fails to restrict access

ADP Enrichment

CVE Program Container

Additional References

References