Webkul: Security Vulnerabilities
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.
CVSS Score
6.1
EPSS Score
0.781
Published
2023-05-11
Webkul krayin crm before 1.2.2 is vulnerable to Cross Site Scripting (XSS).
CVSS Score
6.1
EPSS Score
0.002
Published
2022-06-21
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-09-18
Bagisto 0.1.5 allows CSRF under /admin URIs.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-11
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVSS Score
5.0
EPSS Score
0.036
Published
2010-05-03
Page 6