Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-commerce vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-17610
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
E-commerce Mlm Software Project E-commerce Mlm Software 1.0
1 EDB exploit
NA
CVE-2023-4406
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: up to and including 20231123. NOTE: The vendor was contacted early about this ...
Kc Group E-commerce Software Project Kc Group E-commerce Software
6.8
CVSSv2
CVE-2021-24620
The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin up to and including 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. Furthermore, as there is no CSR...
Simple-e-commerce-shopping-cart Project Simple-e-commerce-shopping-cart
NA
CVE-2022-2682
A vulnerability, which was classified as problematic, has been found in SourceCodester Alphaware Simple E-Commerce System. Affected by this issue is some unknown functionality of the file stockin.php. The manipulation of the argument id with the input '"><script&g...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System -
NA
CVE-2023-26905
An issue exists in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id.
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
NA
CVE-2023-0998
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access contr...
Alphaware Simple E-commerce System Project Alphaware Simple E-commerce System 1.0
NA
CVE-2023-1502
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/edit_customer.php. The manipulation of the argument firstname/mi/lastname with the input a&...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
NA
CVE-2023-1503
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/admin_index.php. The manipulation of the argument username/password with the input admin' AND (SELECT 8062 FROM (SEL...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
NA
CVE-2023-1504
A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND (SELECT 6077 FROM (SELECT(SLEEP(5)))dltn)...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
4.3
CVSSv2
CVE-2020-21139
EC Cloud E-Commerce System v1.3 exists to contain a Cross-Site Request Forgery (CSRF) which allows malicious users to arbitrarily add admin accounts via /admin.html?do=user&act=add.
Ec Cloud E-commerce System Project Ec Cloud E-commerce System 1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »