Filtered by vendor Shopwind Subscriptions
Filtered by product Shopwind Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-43321 1 Shopwind 1 Shopwind 2024-11-21 6.1 Medium
Shopwind v3.4.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the component /common/library/Page.php.
CVE-2022-30453 1 Shopwind 1 Shopwind 2024-11-21 9.8 Critical
ShopWind <= 3.4.2 has a RCE vulnerability in Database.php
CVE-2022-30452 1 Shopwind 1 Shopwind 2024-11-21 7.2 High
ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php
CVE-2022-30059 1 Shopwind 1 Shopwind 2024-11-21 6.5 Medium
Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php.
CVE-2022-30058 1 Shopwind 1 Shopwind 2024-11-21 5.3 Medium
Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php.
CVE-2022-30057 1 Shopwind 1 Shopwind 2024-11-21 5.4 Medium
Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability.