Unrated severityNVD Advisory· Published Jul 31, 2025· Updated Jul 31, 2025

CVE-2025-50850

Description

An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA verification and rate limiting. This allows an attacker to systematically attempt various combinations of usernames and passwords (brute-force attack) to gain unauthorized access to vendor accounts. The absence of any blocking mechanism makes the login endpoint susceptible to automated attacks.

Affected products

CS Cart/CS Cartdescription
Cs Cart/Cs Cartllm-fuzzy
Range: =4.18.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cs.commitre
github.com/hackerwahab/CS-Cart-Vulns/blob/main/CVE-2025-50850.mdmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000