Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abantecart abantecart vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-42050
An issue exists in AbanteCart prior to 1.3.2. It allows DOM Based XSS.
Abantecart Abantecart
3.5
CVSSv2
CVE-2021-42051
An issue exists in AbanteCart prior to 1.3.2. Any low-privileged user with file-upload permissions can upload a malicious SVG document that contains an XSS payload.
Abantecart Abantecart
6.5
CVSSv2
CVE-2022-26521
Abantecart up to and including 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Catalog>Media Manager>Images settings can be changed by an administrator (e.g., by configuring .php to be a valid image fil...
Abantecart Abantecart
4
CVSSv2
CVE-2016-10755
AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages/localisation/language.php and core/lib/language_manager.php, or via POST data to admin/controller/pages/tool/backup.php and admin/model/tool/backup.php.
Abantecart Abantecart 1.2.8
4.3
CVSSv2
CVE-2018-20141
AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.
Abantecart Abantecart 1.2.12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started