Ecommerce-website Project CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (6 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-10793	4 Code-projects, E-commerce Website Project, Ecommerce-website Project and 1 more	4 E-commerce Website, E-commerce Website, Ecommerce-website and 1 more	2025-10-23	7.3 High
A vulnerability was detected in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/admin_account_delete.php. Performing manipulation of the argument user_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
CVE-2022-45990	1 Ecommerce-website Project	1 Ecommerce-website	2025-04-24	6.1 Medium
A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter.
CVE-2022-27436	1 Ecommerce-website Project	1 Ecommerce-website	2024-11-21	4.8 Medium
A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_user at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field.
CVE-2022-27435	1 Ecommerce-website Project	1 Ecommerce-website	2024-11-21	8.8 High
An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component.
CVE-2022-27357	1 Ecommerce-website Project	1 Ecommerce-website	2024-11-21	9.8 Critical
Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-27346	1 Ecommerce-website Project	1 Ecommerce-website	2024-11-21	8.8 High
Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

Page 1 of 1.