Webkul: >> Bagisto Security Vulnerabilities
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad.
CVSS Score
4.8
EPSS Score
0.002
Published
2024-01-16
Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).
CVSS Score
8.8
EPSS Score
0.004
Published
2023-06-28
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-09-18
Bagisto 0.1.5 allows CSRF under /admin URIs.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-11
Page 2