Collne Inc.
Products
1- 10 CVEs
Recent CVEs
10| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-43614 | 0.00 | — | 0.00 | Sep 26, 2023 | Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script. | ||
| CVE-2023-43610 | 0.00 | — | 0.00 | Sep 26, 2023 | SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations. | ||
| CVE-2023-43493 | 0.00 | — | 0.00 | Sep 26, 2023 | SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information. | ||
| CVE-2023-43484 | 0.00 | — | 0.00 | Sep 26, 2023 | Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script. | ||
| CVE-2023-41962 | 0.00 | — | 0.00 | Sep 26, 2023 | Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page. | ||
| CVE-2023-41233 | 0.00 | — | 0.00 | Sep 26, 2023 | Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script. | ||
| CVE-2023-40532 | 0.00 | — | 0.00 | Sep 26, 2023 | Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial information of the files on the web server. | ||
| CVE-2023-40219 | 0.00 | — | 0.01 | Sep 26, 2023 | Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory. | ||
| CVE-2023-22705 | 0.00 | — | 0.00 | Mar 29, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Collne Inc. Welcart e-Commerce plugin <= 2.8.10 versions. | ||
| CVE-2021-20734 | 0.00 | — | 0.01 | Jun 22, 2021 | Cross-site scripting vulnerability in Welcart e-Commerce versions prior to 2.2.4 allows remote attackers to inject arbitrary script or HTML via unspecified vectors. |
- CVE-2023-43614Sep 26, 2023risk 0.00cvss —epss 0.00
Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.
- CVE-2023-43610Sep 26, 2023risk 0.00cvss —epss 0.00
SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.
- CVE-2023-43493Sep 26, 2023risk 0.00cvss —epss 0.00
SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain sensitive information.
- CVE-2023-43484Sep 26, 2023risk 0.00cvss —epss 0.00
Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.
- CVE-2023-41962Sep 26, 2023risk 0.00cvss —epss 0.00
Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page.
- CVE-2023-41233Sep 26, 2023risk 0.00cvss —epss 0.00
Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.
- CVE-2023-40532Sep 26, 2023risk 0.00cvss —epss 0.00
Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial information of the files on the web server.
- CVE-2023-40219Sep 26, 2023risk 0.00cvss —epss 0.01
Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory.
- CVE-2023-22705Mar 29, 2023risk 0.00cvss —epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Collne Inc. Welcart e-Commerce plugin <= 2.8.10 versions.
- CVE-2021-20734Jun 22, 2021risk 0.00cvss —epss 0.01
Cross-site scripting vulnerability in Welcart e-Commerce versions prior to 2.2.4 allows remote attackers to inject arbitrary script or HTML via unspecified vectors.