High severity8.8NVD Advisory· Published Apr 20, 2017· Updated Jun 17, 2026
CVE-2016-4862
CVE-2016-4862
Description
Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:cs-cart:cs-cart:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cs-cart:cs-cart:*:*:*:*:*:*:*:*range: <=4.3.9
- cpe:2.3:a:cs-cart:cs-cart:*:*:*:*:marketplace:*:*:*range: <=4.3.9
- Range: <=4.3.9
- Range: <=4.3.9
Patches
Vulnerability mechanics
References
4- tips.cs-cart.jp/fix-twigmo-vulnerability-20160914.htmlnvdPatchVendor Advisory
- jvn.jp/en/jp/JVN55389065/index.htmlnvdThird Party AdvisoryVDB Entry
- jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000157.htmlnvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/92992nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.