CVE-2018-3758

Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine.
References
Link Resource
https://hackerone.com/reports/343726 Exploit Patch
Configurations

Configuration 1

cpe:2.3:a:express-cart_project:express-cart:*:*:*:*:*:node.js:*:*

Information

Published : 2018-06-07 09:29

Updated : 2023-01-30 04:05


NVD link : CVE-2018-3758

Mitre link : CVE-2018-3758

Products Affected
No products.
CWE