Ecommerce-website Project Ecommerce-website — known CVE vulnerabilities
Every CVE whose affected-product data names Ecommerce-website Project Ecommerce-website, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-27357 — CVSS 9.8 (critical): Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. This vulnerability allows…
CVE-2022-27346 — CVSS 8.8 (high): Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. This vulnerability…
CVE-2022-27435 — CVSS 8.8 (high): An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via…
CVE-2022-45990 — CVSS 6.1 (medium): A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows attackers to execute…
CVE-2022-27436 — CVSS 4.8 (medium): A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_user at Ecommerce-Website v1.1.0 allows attackers to execute…