Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bagisto vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2019-16403
In Webkul Bagisto prior to 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
Webkul Bagisto
NA
CVE-2023-36236
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an malicious user to execute arbitrary code via a crafted SVG file uplad.
Webkul Bagisto
605
VMScore
CVE-2019-14933
Bagisto 0.1.5 allows CSRF under /admin URIs.
Webkul Bagisto 0.1.5
NA
CVE-2023-33570
Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).
Webkul Bagisto 1.5.1
NA
CVE-2024-27499
Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option.
NA
CVE-2023-36238
Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.1 allows an malicious user to obtain sensitive information via the invoice ID parameter.
NA
CVE-2023-36237
Cross Site Request Forgery vulnerability in Bagisto before v.1.5.1 allows an malicious user to execute arbitrary code via a crafted HTML script.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started