Vulnerabilidades en Bagisto
12 resultadosCVE-2026-21450HIGHBagisto has SSTI in parameter that can lead to RCEEPSS 1.2%CVE-2026-21448HIGHBagisto has Normal & Blind SSTI from low-privilege user when ordering productEPSS 0.8%CVE-2026-21446HIGHBagisto Missing Authentication on Installer API EndpointsEPSS 0.6%CVE-2026-21451MEDIUMBagisto has HTML Filter Bypass that Enables Stored XSSEPSS 0.5%CVE-2026-21449HIGHBagisto has SSTI via first and last name from low-privilege user (not admin)EPSS 0.5%CVE-2025-62416MEDIUMbagisto - Server Side Template Injection (SSTI) in Product DescriptionEPSS 0.4%CVE-2025-62417HIGHbagisto - CSV Formula Injection in Create New ProductEPSS 0.4%CVE-2026-21447HIGHBagisto has IDOR in Customer Order Reorder FunctionalityEPSS 0.3%CVE-2025-62418MEDIUMbagisto - Cross Site Scripting (XSS) in TinyMCE Image Upload (SVG)EPSS 0.3%CVE-2025-62415MEDIUMbagisto - Cross Site Scripting (XSS) in TinyMCE Image Upload (HTML)EPSS 0.3%CVE-2025-62414MEDIUMbagisto - Cross Site Scripting (XSS) in Create New CustomerEPSS 0.3%CVE-2025-40675MEDIUMReflected Cross-Site Scripting (XSS) in BagistoEPSS 0.2%