VYPR

E Commerce

by Carello

CVEs (2)

  • CVE-2022-28132HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.01

    The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can…

  • CVE-2001-0614Aug 22, 2001
    risk 0.03cvss epss 0.03

    Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL.