Ecommerce CMS
by Spa Cart
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4547 | 0.04 | — | 0.49 | Aug 26, 2023 | A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may… | |||
| CVE-2023-4548 | 0.03 | — | 0.20 | Aug 26, 2023 | A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filter[brandid] leads to sql injection. It is possible to initiate… | |||
| CVE-2020-23978 | 0.00 | — | 0.02 | Aug 27, 2020 | SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php" | |||
| CVE-2020-23976 | 0.00 | — | 0.02 | Aug 27, 2020 | Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter. | |||
| CVE-2020-23975 | 0.00 | — | 0.01 | Aug 27, 2020 | Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter. |
- CVE-2023-4547Aug 26, 2023risk 0.04cvss —epss 0.49
A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may…
- CVE-2023-4548Aug 26, 2023risk 0.03cvss —epss 0.20
A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filter[brandid] leads to sql injection. It is possible to initiate…
- CVE-2020-23978Aug 27, 2020risk 0.00cvss —epss 0.02
SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter " offerta.php"
- CVE-2020-23976Aug 27, 2020risk 0.00cvss —epss 0.02
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter.
- CVE-2020-23975Aug 27, 2020risk 0.00cvss —epss 0.01
Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter.