Picturespro · Picturespro Photo Cart · CVE-2018-5190
**Name of the Vulnerable Software and Affected Versions**
PicturesPro Photo Cart versions 6 and 7 before Security-Patch-2018-B
**Description**
The issue allows remote attackers to access arbitrary customer accounts via a modified cookie. This is related to the files pc head.php, pc login.php, and pc login page.php.
**Recommendations**
For versions 6 and 7 before Security-Patch-2018-B, apply Security-Patch-2018-B to resolve the issue.