Every CVE whose affected-product data names Peel Peel Shopping, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2021-37593 — CVSS 9.1 (critical): PEEL Shopping version 9.4.0 allows remote SQL injection. A public user/guest (unauthenticated) can inject a malicious SQL query in order to…
CVE-2018-20848 — CVSS 8.8 (high): Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, as demonstrated by an XSS payload in…
CVE-2012-5227 — CVSS 7.5 (high): SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands…
CVE-2021-41672 — CVSS 6.5 (medium): PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group…
CVE-2021-27190 — CVSS 5.4 (medium): A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. The user…
CVE-2018-1000887 — CVSS 4.8 (medium): Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS) vulnerability that can result in an authenticated user…
CVE-2012-5226 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary web script or…