CVE-2023-26689
CRITICALDescription
An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| cs-cart | cs-cart_multivendor |
References
Frequently Asked Questions
What is CVE-2023-26689? +
How severe is CVE-2023-26689? +
What products are affected by CVE-2023-26689? +
How do I check if I'm vulnerable to CVE-2023-26689? +
Related Vulnerabilities
Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened …
A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable …
An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as …
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during …
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use …
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within …