This page lists publicly disclosed CVE vulnerabilities affecting ecommerce-codeigniter-bootstrap_project ecommerce-codeigniter-bootstrap (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-6526 | A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument search_title/catName/sub/name/categorie leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 1b3da45308bb6c3f55247d0e99620b600bd85277. It is recommended to apply a pa | [email protected] | 5.3 | 0.52% | 2024-07-05 | 2024-11-21 |
| CVE-2024-31823 | An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the removeSecondaryImage method of the Publish.php component. | [email protected] | 8.8 | 1.64% | 2024-04-29 | 2025-09-26 |
| CVE-2024-31822 | An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the saveLanguageFiles method of the Languages.php component. | [email protected] | 9.8 | 1.92% | 2024-04-29 | 2025-09-23 |
| CVE-2024-31821 | SQL Injection vulnerability in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the manageQuantitiesAndProcurement method of the Orders_model.php component. | [email protected] | 8.0 | 1.07% | 2024-04-29 | 2025-09-23 |
| CVE-2024-31820 | An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the getLangFolderForEdit method of the Languages.php component. | [email protected] | 9.8 | 1.92% | 2024-04-29 | 2025-09-23 |
| CVE-2023-23010 | Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php. | [email protected] | 6.1 | 0.61% | 2023-01-20 | 2025-04-03 |
| CVE-2022-35213 | Ecommerce-CodeIgniter-Bootstrap before commit 56465f was discovered to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php. | [email protected] | 6.1 | 0.46% | 2022-08-18 | 2024-11-21 |
| CVE-2021-40975 | Cross-site scripting (XSS) vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap (Codeigniter 3.1.11, Bootstrap 3.3.7) allows remote attackers to inject arbitrary web script or HTML via the search_title parameter. | [email protected] | 6.1 | 0.81% | 2021-10-01 | 2024-11-21 |
| CVE-2020-25093 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php. within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25092 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in _parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25091 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/vendor/views/add_product.php. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25090 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25089 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25088 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25087 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/languages.php. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25086 | Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/adminUsers.php. | [email protected] | 6.1 | 0.68% | 2020-09-03 | 2024-11-21 |