Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
e-commerce vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-3898
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mAyaNet E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: prior to 1.1.
Mayanets E-commerce
9.8
CVSSv3
CVE-2023-4674
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: up to and including 20231229. NOTE: T...
Yaztekteknoloji E-commerce
NA
CVE-2001-0614
Carello E-Commerce 1.2.1 and previous versions allows a remote malicious user to gain additional privileges and execute arbitrary commands via a specially constructed URL.
Carello E-commerce
1 EDB exploit
9.8
CVSSv3
CVE-2023-4531
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mestav Software E-commerce Software allows SQL Injection.This issue affects E-commerce Software: prior to 20230901 .
Mestav E-commerce Software
NA
CVE-2014-10017
Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in the usces_itemedit page to wp-admin/admin.php.
Welcart E-commerce 1.3.12
NA
CVE-2005-4287
PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote malicious users to execute arbitrary code via the page parameter to index.php.
Marmaraweb Marmaraweb E-commerce
1 EDB exploit
NA
CVE-2005-4288
Cross-site scripting (XSS) vulnerability in index.php in MarmaraWeb E-commerce allows remote malicious users to inject arbitrary web script or HTML via the page parameter to index.php. NOTE: this might be resultant from CVE-2005-4287.
Marmaraweb Marmaraweb E-commerce
1 EDB exploit
6.1
CVSSv3
CVE-2023-43484
Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated malicious user to inject an arbitrary script.
Collne Welcart E-commerce
4.9
CVSSv3
CVE-2023-43493
SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information.
Collne Welcart E-commerce
8.8
CVSSv3
CVE-2023-43610
SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.
Collne Welcart E-commerce
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »