VYPR

Seotoaster

by Seotoaster

CVEs (2)

  • CVE-2019-25577MedMar 21, 2026
    risk 0.36cvss 5.5epss 0.01

    SeoToaster Ecommerce 3.0.0 contains a local file inclusion vulnerability that allows authenticated attackers to read arbitrary files by manipulating path parameters in backend theme endpoints. Attackers can send POST requests to /backend/backend_theme/editcss/ or…

  • CVE-2011-5230Oct 25, 2012
    risk 0.03cvss epss 0.02

    Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass function in seotoaster_core/application/models/LoginModel.php in Seotoaster 1.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to sys/login/index or (2)…