CVEDB API

Vulnerabilities

Vulnerable Software

Welcart: >> Welcart E-Commerce >> 2.8.13 Security Vulnerabilities

CVE-2023-43610

SQL injection vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor (without setting authority) or higher privilege to perform unintended database operations.

CVSS Score

8.8

EPSS Score

0.004

Published

2023-09-27

CVE-2023-43614

Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.

CVSS Score

6.1

EPSS Score

0.002

Published

2023-09-27

CVE-2023-41962

Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page.

CVSS Score

6.1

EPSS Score

0.003

Published

2023-09-27

CVE-2023-41233

Cross-site scripting vulnerability in Item List page registration process of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.

CVSS Score

6.1

EPSS Score

0.002

Published

2023-09-27

CVE-2023-40219

Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with editor or higher privilege to upload an arbitrary file to an unauthorized directory.

CVSS Score

7.2

EPSS Score

0.005

Published

2023-09-27

Page 2

Vulnerabilities

Vulnerable Software

Welcart: >> Welcart E-Commerce >> 2.8.13 Security Vulnerabilities

Products

Pricing

Contact Us