ecommerce-website_project ecommerce-website CVE Vulnerabilities (5)

CVEs: 5 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting ecommerce-website_project ecommerce-website (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 15 of 5 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2022-45990 A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter. [email protected] 6.1 0.46% 2022-12-05 2026-06-17
CVE-2022-27357 Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. [email protected] 9.8 3.33% 2022-04-08 2026-06-17
CVE-2022-27346 Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. [email protected] 8.8 2.47% 2022-04-08 2026-06-17
CVE-2022-27436 A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_user at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field. [email protected] 4.8 0.98% 2022-04-04 2026-06-17
CVE-2022-27435 An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component. [email protected] 8.8 1.68% 2022-04-04 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence