Ecommerce-website Project - Ecommerce-website CVE - OpenCVE

Filtered by vendor Ecommerce-website Project Subscriptions

Filtered by product Ecommerce-website Subscriptions

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-45990	1 Ecommerce-website Project	1 Ecommerce-website	2024-08-03	6.1 Medium
A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter.
CVE-2022-27436	1 Ecommerce-website Project	1 Ecommerce-website	2024-08-03	4.8 Medium
A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_user at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field.
CVE-2022-27435	1 Ecommerce-website Project	1 Ecommerce-website	2024-08-03	8.8 High
An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component.
CVE-2022-27357	1 Ecommerce-website Project	1 Ecommerce-website	2024-08-03	9.8 Critical
Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-27346	1 Ecommerce-website Project	1 Ecommerce-website	2024-08-03	8.8 High
Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

Page 1 of 1.