Vulnerabilidades en Collne Inc.
12 resultadosCVE-2022-41840HIGHWordPress Welcart eCommerce plugin <= 2.7.7 - Unauth. Directory Traversal vulnerabilityEPSS 5.1%CVE-2021-20734—Cross-site scripting vulnerability in Welcart e-Commerce versions prior to 2.2.4 allows remote attackers to inject arbitrary script or HTML EPSS 1.0%CVE-2023-40219—Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized direcEPSS 0.9%CVE-2023-43610—SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting EPSS 0.9%CVE-2023-43493—SQL injection vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to EPSS 0.8%CVE-2023-43484—Cross-site scripting vulnerability in Item List page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker tEPSS 0.6%CVE-2023-43614—Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attaEPSS 0.6%CVE-2023-40532—Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial inEPSS 0.6%CVE-2023-41233—Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unautEPSS 0.6%CVE-2023-41962—Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthentiEPSS 0.6%CVE-2023-50847HIGHWordPress Welcart e-Commerce Plugin <= 2.9.3 is vulnerable to SQL InjectionEPSS 0.5%CVE-2023-22705HIGHWordPress Welcart e-Commerce Plugin <= 2.8.10 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%