Arbitrary Customer Account Access in PicturesPro Photo Cart 6 and 7

CVE-2018-5190 · MEDIUM

CVE-2018-5190

PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pc_head.php, pc_login.php, and pc_login_page.php.

Learn more about our Web Application Penetration Testing UK.