VYPR
High severity7.5NVD Advisory· Published Sep 9, 2019· Updated Jun 17, 2026

CVE-2019-16123

CVE-2019-16123

Description

In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Kartatopia PilusCart/Kartatopia PilusCartdescription
  • Range: = 1.4.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.