express-cart

Releases19

Frequency2 months 2 weeks

Last Release about 6 years ago

A fully functioning Node.js shopping cart with Stripe, PayPal and Authorize.net payments.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-12457 ↗	Jun 15, 2018Friday, 15 June 2018, 14:29	—	6.5 MEDIUM
expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header.