Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-commerce vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-17610
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
E-commerce Mlm Software Project E-commerce Mlm Software 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2023-4406
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: up to and including 20231123. NOTE: The vendor was contacted early about this ...
Kc Group E-commerce Software Project Kc Group E-commerce Software
8.8
CVSSv3
CVE-2021-24620
The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin up to and including 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. Furthermore, as there is no CSR...
Simple-e-commerce-shopping-cart Project Simple-e-commerce-shopping-cart
5.4
CVSSv3
CVE-2022-2682
A vulnerability, which was classified as problematic, has been found in SourceCodester Alphaware Simple E-Commerce System. Affected by this issue is some unknown functionality of the file stockin.php. The manipulation of the argument id with the input '"><script&g...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System -
9.8
CVSSv3
CVE-2023-26905
An issue exists in Alphaware - Simple E-Commerce System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /alphaware/details.php?id.
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
5.3
CVSSv3
CVE-2023-0998
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file /alphaware/summary.php of the component Payment Handler. The manipulation of the argument amount leads to improper access contr...
Alphaware Simple E-commerce System Project Alphaware Simple E-commerce System 1.0
6.5
CVSSv3
CVE-2020-21139
EC Cloud E-Commerce System v1.3 exists to contain a Cross-Site Request Forgery (CSRF) which allows malicious users to arbitrarily add admin accounts via /admin.html?do=user&act=add.
Ec Cloud E-commerce System Project Ec Cloud E-commerce System 1.3
8.1
CVSSv3
CVE-2023-1502
A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/edit_customer.php. The manipulation of the argument firstname/mi/lastname with the input a&...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
8.1
CVSSv3
CVE-2023-1503
A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/admin_index.php. The manipulation of the argument username/password with the input admin' AND (SELECT 8062 FROM (SEL...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
8.1
CVSSv3
CVE-2023-1504
A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND (SELECT 6077 FROM (SELECT(SLEEP(5)))dltn)...
Alphaware - Simple E-commerce System Project Alphaware - Simple E-commerce System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »