Vulnerabilities (CVE)

Filtered by vendor Php Multivendor Ecommerce Project Subscribe
Filtered by product Php Multivendor Ecommerce
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17960 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 6.8 MEDIUM 8.8 HIGH
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
CVE-2017-17959 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 7.5 HIGH 9.8 CRITICAL
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.
CVE-2017-17958 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter.
CVE-2017-17957 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 7.5 HIGH 9.8 CRITICAL
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
CVE-2017-17956 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/sellerupd.php companyname parameter.
CVE-2017-17955 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the shopping-cart.php cusid parameter.
CVE-2017-17954 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter.
CVE-2017-17953 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php chid1 parameter.
CVE-2017-17952 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 5.0 MEDIUM 8.6 HIGH
PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address.
CVE-2017-17951 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 7.5 HIGH 9.8 CRITICAL
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.
CVE-2017-17624 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2024-11-21 7.5 HIGH 9.8 CRITICAL
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.