CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-23010

Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://gist.github.com/enferas/8a836008e9f635a2f80d09c9a8b5a533
https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d5904379ca55014c5df34c67deda982c73dc7fe5
https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/242
https://gist.github.com/enferas/8a836008e9f635a2f80d09c9a8b5a533
https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d5904379ca55014c5df34c67deda982c73dc7fe5
https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/issues/242

Products affected by CVE-2023-23010

Ecommerce-Codeigniter-Bootstrap Project » Ecommerce-Codeigniter-Bootstrap » Version: N/A

cpe:2.3:a:ecommerce-codeigniter-bootstrap_project:ecommerce-codeigniter-bootstrap:-
Ecommerce-Codeigniter-Bootstrap Project » Ecommerce-Codeigniter-Bootstrap » Version: 2020-08-03

cpe:2.3:a:ecommerce-codeigniter-bootstrap_project:ecommerce-codeigniter-bootstrap:2020-08-03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23010

Products

Pricing

Contact Us