Ectouch CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-39560	1 Ectouch	1 Ectouch	2024-11-21	9.8 Critical
ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.
CVE-2022-25098	1 Ectouch	1 Ectouch	2024-11-21	9.1 Critical
ECTouch v2 suffers from arbitrary file deletion due to insufficient filtering of the filename parameter.
CVE-2020-21806	1 Ectouch	1 Ectouch	2024-11-21	9.8 Critical
SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php..
CVE-2020-18144	1 Ectouch	1 Ectouch	2024-11-21	9.8 Critical
SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php.

Page 1 of 1.