CVE-2023-26689
published 2024-09-25CVE-2023-26689: An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request.
PriorityP355critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.60%
44.3th percentile
An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cs-cart | cs-cart_multivendor | — | — |
| linux | linux_kernel | >= 0 < 5.4.0-215.235 | 5.4.0-215.235 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux-azure vulnerabilities
osv·2025-05-07·CVSS 7.8
CVE-2023-52664 linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- Ceph distributed file system;
- Netfilter;
(CVE-2023-52664, CVE-2024-26689, CVE-2023-52927)
OSV
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
osv·2025-05-06·CVSS 7.8
CVE-2023-52664 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- Ceph distributed file system;
- Netfilter;
(CVE-2023-52664, CVE-2024-26689, CVE-2023-52927)
OSV
linux, linux-aws, linux-aws-5.4, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities
osv·2025-05-06·CVSS 7.8
CVE-2023-52927 linux, linux-aws, linux-aws-5.4, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities
linux, linux-aws, linux-aws-5.4, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- Ceph distributed file system;
- Netfilter;
(CVE-2023-52927, CVE-2023-52664, CVE-2024-26689)
GHSA
GHSA-xvwc-mxm8-8hqg: An issue discovered in CS-Cart MultiVendor 4
ghsa_unreviewed·2024-09-25
CVE-2023-26689 [CRITICAL] CWE-286 GHSA-xvwc-mxm8-8hqg: An issue discovered in CS-Cart MultiVendor 4
An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-09-25
Published